Post Syndicated from Adam Barnett original https://www.rapid7.com/blog/post/em-patch-tuesday-july-2026
Microsoft is publishing 622 vulnerabilities on July 2026 Patch Tuesday, including a record-breaking 416 Windows vulnerabilities. Microsoft is aware of exploitation in the wild for two of the vulnerabilities published today, both of which are listed on CISA KEV, as well as public disclosure for one other. As usual, browser vulns are not included in the Patch Tuesday count above. Rapid7 noted last month that Microsoft no longer enumerates Chromium CVEs in the Security Update Guide. However, Microsoft has now taken the pursuit of minimalism much further, since today’s Security Update Guide no longer lists out even Microsoft vulnerabilities! Instead, we now receive a summary table of vulnerability counts by product family, as well as a new slimline “Notable CVEs” section. All of this only serves to illustrate the recent industry-wide trend of exploding vulnerability report counts, with an associated uptick in the publication of remediations as a trailing indicator.
SharePoint: critical auth bypass by Rapid7
Today sees the publication of CVE-2026-55040, a critical authentication bypass in Microsoft SharePoint. Discovered by Rapid7 Senior Principal Security Researcher Stephen Fewer, and published today in coordination with Microsoft, this vulnerability is the first in a pair of exploits which, when chained together, can lead to unauthenticated remote code execution against a vulnerable SharePoint server. Patches are available for SharePoint Server Subscription Edition, 2019, and 2016. As the full Rapid7 blog post sets out, the second vulnerability in the full RCE chain remains embargoed for now, with Microsoft expected to publish patches for that second vulnerability as part of Patch Tuesday August 2026. Microsoft noted: “We would like to thank Rapid7 for responsibly reporting this issue through coordinated vulnerability disclosure.”
SharePoint: zero-day EoP
It’s a rare Patch Tuesday which doesn’t include multiple SharePoint fixes, and today is no exception. Microsoft is aware of existing in-the-wild exploitation of CVE-2026-56164, where successful exploitation allows an attacker to elevate privileges over a network, with no existing privileges required, and low attack complexity since “an attacker does not require significant prior knowledge of the system, and can achieve repeatable success”. This is as good an example as any that a relatively low CVSS v3 base score (5.3) may be an imperfect signal concealing something much spicier, and Microsoft acknowledges that possibility by assigning a severity rating of Important. Microsoft certainly intended to list CVE-2026-56164 in the new Notable CVEs section of the Security Update Guide instead of erroneously listing CVE-2026-56155 twice, and it’s likely that this will be corrected shortly.
What’s the opposite of coordinated disclosure?
After years of relative stability, the Patch Tuesday process has experienced significant turbulence so far in 2026. As well as the AI-fuelled exponential growth of vulnerability reporting and discovery, Microsoft is grappling with the emergence of a series of vulnerabilities disclosed in such a way as to bring maximum discomfort for Redmond. Pseudonymous researcher Nightmare Eclipse dropped another Defender elevation of privilege vulnerability in the hours following Patch Tuesday June 2026, which Microsoft subsequently published and patched as CVE-2026-50656, along with a terse acknowledgement of the vulnerability’s celebrity nickname of RoguePlanet. Recently, Nightmare Eclipse has given conflicting estimates of what sort of surprises Microsoft can expect today, as well as claiming that the CVE-2026-50656 patches introduce a new avenue for a disk exhaustion attack. Today, a new proof of concept for a further vulnerability nicknamed LegacyHive has emerged from the same source, which appears to allow a non-privileged user to mount another user’s user hive.
Microsoft BitLocker receives patches today for a publicly-known security feature bypass vulnerability. The advisory for CVE-2026-50661 explains that an unauthorized attacker with physical access to the target machine can bypass Windows BitLocker. While Microsoft doesn’t confirm either way, it’s very probable that this is a patch for the GreatXML vulnerability which Nightmare Eclipse announced the day after Patch Tuesday June 2026.
Active Directory Federation Services: zero-day EoP
Active Directory administrators should note the emergence today of CVE-2026-56155, an exploited-in-the-wild elevation of privilege vulnerability in Active Directory Federation Services which allows an authorized attacker to elevate privileges locally. Eight other vulnerabilities are also published today in Active Directory Federation Services, all ranked as Important on Microsoft’s proprietary severity ranking scale. The advisory doesn’t explicitly describe the location of the attacker, but it’s likely that an attacker would need an existing toehold on the target system to chain together with the elevation of privilege opportunity on offer here.
Age of Empires II: RCE
Historically, Patch Tuesday hasn’t seen too many security patches for video games. However, Age of Empires II: Definitive Edition is a new entrant to the Microsoft CVE roster today. Veteran AoE2 players may well be familiar with dangerous opposition early game strategies such as the Persian Town Center nuisance or the Aztec monk rush, but anyone who opens a malicious game scenario file without applying the patch for CVE-2026-50663 might suffer a serious defeat. Successful exploitation allows an attacker to place malicious files in unexpected locations, potentially enabling code execution on the target system.
Microsoft lifecycle update
As Rapid7 noted last month, there are some significant Microsoft product lifecycle changes taking place in mid-July. SQL Server 2016 moves beyond regular extended support and into the pay-to-play Extended Security Updates (ESU) phase from July 15, 2026, and its older sibling SQL Server 2014 moves into the third and final year of ESU. Also on July 14, 2026, SharePoint Server 2016 and 2019 reach extended end date, and since there’s no ESU available, the only remaining option for fully-supported self-hosted SharePoint after today is SharePoint Subscription Edition. The July 2026 lifecycle casualties continue with Project Server 2016 and 2019, Dynamics GP 2016 and 2016 R2, InfoPath 2013, and SharePoint Designer 2013, which also all reach their Extended End Dates, ending their supported lifecycles. Visual Studio 2022 Version 17.12 Long-Term Servicing Channel (LTSC) reaches its release end date on July 14, leaving either the Visual Studio 2022 current channel or an upgrade to Visual Studio 2026 as supported options.
Summary charts



Summary tables
Apps vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-58617 |
M365 Copilot for iOS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-58595 |
Microsoft Bing App for IOS Spoofing Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-48561 |
Microsoft Copilot Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.6 |
| CVE-2026-58636 |
Microsoft PC Manager Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50438 |
Microsoft PC Manager Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-54124 |
Windows Terminal Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
Azure vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-50652 |
Azure Active Directory Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50653 |
Azure Active Directory Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-57969 |
Azure CycleCloud Elevation of Privilege Vulnerability |
N/A |
No |
8.8 |
| CVE-2026-58279 |
Azure CycleCloud Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-47632 |
Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50338 |
Azure Spring Apps Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.2 |
Developer Tools vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-47302 |
.NET Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50525 |
.NET Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50651 |
.NET Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-57108 |
.NET Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50524 |
.NET Framework Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50527 |
.NET Framework Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50648 |
.NET Framework Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50650 |
.NET Framework Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50646 |
.NET Framework Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50649 |
.NET Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-47304 |
.NET Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-50528 |
.NET Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
8.2 |
| CVE-2026-50659 |
.NET Spoofing Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50526 |
.NET Tampering Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-56170 |
ASP.NET Core Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-47300 |
ASP.NET Core Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-47303 |
ASP.NET Core Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-47282 |
GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-41109 |
GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50506 |
OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-45646 |
OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50520 |
Visual Studio Code Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.4 |
| CVE-2026-45496 |
Visual Studio Code Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-57101 |
Visual Studio Code Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-57102 |
Visual Studio Code Security Feature Bypass Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-47305 |
Visual Studio Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
Device vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-48581 |
Surface Broker SDMA Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
ESU vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-54121 |
Active Directory Certificate Services Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50682 |
Active Directory Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.1 |
| CVE-2026-50647 |
Active Directory Federation Server Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50684 |
Active Directory Federation Server Spoofing Vulnerability |
N/A |
No |
4.8 |
| CVE-2026-56155 |
Active Directory Federation Services Elevation of Privilege Vulnerability |
Exploitation Detected |
No |
7.8 |
| CVE-2026-50491 |
Code Integrity DLL (ci.dll) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50381 |
Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50427 |
Content Delivery Manager Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50692 |
Desktop Window Manager Elevation of Privilege Vulnerability |
N/A |
No |
8.8 |
| CVE-2026-48564 |
DHCP Server Service Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50370 |
DHCP Server Service Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
8.8 |
| CVE-2026-56159 |
DHCP Server Service Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
9.8 |
| CVE-2026-50296 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50375 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
6.3 |
| CVE-2026-50493 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56643 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56644 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58629 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50382 |
DirectX Graphics Kernel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-49174 |
DNS Client Tampering Vulnerability |
Exploitation Unlikely |
No |
6.1 |
| CVE-2026-50495 |
DNS Client Tampering Vulnerability |
Exploitation Less Likely |
No |
6.1 |
| CVE-2026-49787 |
HTTP.sys Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-49788 |
HTTP/2 Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50696 |
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50329 |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-58541 |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55006 |
Microsoft Exchange Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55009 |
Microsoft Exchange Server Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-55005 |
Microsoft Exchange Server Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-55008 |
Microsoft Exchange Server Spoofing Vulnerability |
Exploitation More Likely |
No |
9.6 |
| CVE-2026-50343 |
Microsoft Install Service Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-54992 |
Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
8.4 |
| CVE-2026-50439 |
Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-42900 |
Microsoft Windows App Store Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-49784 |
Microsoft Windows App Store Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50356 |
Microsoft Windows App Store Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-49165 |
Microsoft Windows App Store Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-54993 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58610 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50655 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-56189 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-57090 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-57094 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-57087 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-57092 |
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
9.9 |
| CVE-2026-50359 |
Microsoft XML Core Services Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-57097 |
Microsoft XML Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
6.4 |
| CVE-2026-50346 |
Netlogon RPC Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50402 |
NTFS Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-54989 |
Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50365 |
Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.0 |
| CVE-2026-50474 |
Remote Desktop Client Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-58594 |
Remote Desktop Client Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56190 |
Remote Desktop Protocol Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-49783 |
Secure Boot Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-42990 |
SQL Server ODBC driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
9.8 |
| CVE-2026-49168 |
Storage Spaces Direct Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.8 |
| CVE-2026-49180 |
Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50455 |
Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-58601 |
Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege Vulernability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49805 |
Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.0 |
| CVE-2026-50297 |
Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.0 |
| CVE-2026-50325 |
Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.0 |
| CVE-2026-50489 |
Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
8.8 |
| CVE-2026-57095 |
Win32k Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
6.2 |
| CVE-2026-56184 |
Win32k Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
CVE-2026-50432 |
Window Virtual Filtering Platform (VFP) Denial of Service Vulnerability |
Exploitation Less Likely |
No |
5.3 |
| CVE-2026-54119 |
Windows Active Directory Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-57976 |
Windows Active Directory Domain Services Denial of Service Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50366 |
Windows Active Directory Domain Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-49164 |
Windows Active Directory Domain Services Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-49178 |
Windows Active Directory Domain Services Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-54983 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50695 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50304 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50368 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50324 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Less Likely |
No |
5.9 |
| CVE-2026-50355 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50411 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50312 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
4.7 |
| CVE-2026-50462 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-57093 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-34346 |
Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50400 |
Windows App Package Installer Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50331 |
Windows Application Model Core API Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49803 |
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50351 |
Windows Audio Compression Manager (ACM) Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-34328 |
Windows Audio Service Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50406 |
Windows Backup Engine Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50364 |
Windows Backup Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-50661 |
Windows BitLocker Security Feature Bypass Vulnerability |
Exploitation Less Likely |
Yes |
6.1 |
| CVE-2026-42975 |
Windows Bluetooth Port Driver Remote Code Execution |
Exploitation Less Likely |
No |
8.0 |
| CVE-2026-58538 |
Windows Bluetooth Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58638 |
Windows Boot Loader Security Feature Bypass Vulnerability |
Exploitation More Likely |
No |
6.0 |
| CVE-2026-58637 |
Windows Client-Side Caching Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50384 |
Windows Clip Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-49183 |
Windows Clipboard Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50689 |
Windows Clipboard Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50374 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.3 |
| CVE-2026-58536 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-58613 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50401 |
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50697 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50667 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50421 |
Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50352 |
Windows Cryptographic Services Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50302 |
Windows Cryptographic Services Security Feature Bypass Vulnerability |
Exploitation Unlikely |
No |
4.2 |
| CVE-2026-50347 |
Windows Data.dll Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49181 |
Windows DHCP Client Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50683 |
Windows DHCP Client Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.0 |
| CVE-2026-54128 |
Windows DHCP Client Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
8.4 |
| CVE-2026-58627 |
Windows DHCP Server Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50518 |
Windows DHCP Server Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-50685 |
Windows DHCP Server Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-49807 |
Windows DirectX Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.2 |
| CVE-2026-49175 |
Windows DNS Client Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50426 |
Windows DNS Server Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
6.8 |
| CVE-2026-50300 |
Windows DWM Core Library Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50437 |
Windows DWM Core Library Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-34348 |
Windows Event Logging Service Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50502 |
Windows Event Logging Service Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.0 |
| CVE-2026-33842 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-40422 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-41087 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50473 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50442 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50389 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50456 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-57084 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-57091 |
Windows File History Service Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50405 |
Windows Filtering Platform Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49172 |
Windows FTP Service Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-50387 |
Windows GDI Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-54122 |
Windows GDI+ Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.4 |
| CVE-2026-49796 |
Windows GDI+ Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50380 |
Windows GDI+ Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.6 |
CVE-2026-58609 |
Windows Graphics Component Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50391 |
Windows Group Policy Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50310 |
Windows Human Interface Device Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
4.7 |
| CVE-2026-50485 |
Windows Hyper-V Denial of Service Vulnerability |
Exploitation Less Likely |
No |
4.5 |
| CVE-2026-54129 |
Windows Hyper-V Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50680 |
Windows Hyper-V Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.2 |
| CVE-2026-58534 |
Windows Input Method Editor (IME) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50490 |
Windows Installer Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-58540 |
Windows Installer Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50425 |
Windows Internal System User Profile Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50293 |
Windows Internal Task Bar Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49167 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
4.7 |
| CVE-2026-54132 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.8 |
| CVE-2026-49795 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
8.8 |
| CVE-2026-49798 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
9.3 |
| CVE-2026-50354 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-50332 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50377 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50390 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.0 |
| CVE-2026-50423 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50397 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50399 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50459 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50477 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50478 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50484 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50673 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58532 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50294 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.2 |
| CVE-2026-50316 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50419 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
3.3 |
| CVE-2026-50463 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50475 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation More Likely |
No |
5.5 |
| CVE-2026-50429 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
8.2 |
| CVE-2026-58614 |
Windows Kernel Security Feature Bypass Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-58545 |
Windows Kernel Security Feature Bypass Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50378 |
Windows Key Guard Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50303 |
Windows Key Guard Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-40378 |
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-49799 |
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50371 |
Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50358 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50433 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-34349 |
Windows Media Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50394 |
Windows Media Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50415 |
Windows Media Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.3 |
| CVE-2026-57083 |
Windows Media Photo Codec Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-54115 |
Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50447 |
Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-50505 |
Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-58635 |
Windows Narrator Braille Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50500 |
Windows Netlogon Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50476 |
Windows Network Connections Service Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50450 |
Windows Network Connections Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56650 |
Windows Network File System Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56649 |
Windows Network File System Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
5.9 |
| CVE-2026-50470 |
Windows Network Policy Server SNMP Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50496 |
Windows Network Policy Server SNMP Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-56194 |
Windows NFS Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56648 |
Windows NFS Server Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50337 |
Windows Notification Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49789 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-50412 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50422 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50672 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-56175 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56182 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50341 |
Windows NTFS Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-58640 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-49184 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.4 |
| CVE-2026-49797 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50308 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50386 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50309 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50313 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50388 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50448 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50471 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50461 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50417 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50482 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-50494 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50344 |
Windows OLE Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50686 |
Windows OLE Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-50335 |
Windows Operating Systems Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-54987 |
Windows Overlay Filter Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50435 |
Windows Overlay Filter Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50409 |
Windows Overlay Filter Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-40400 |
Windows PowerShell Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.0 |
| CVE-2026-55004 |
Windows Print Configuration Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50499 |
Windows Print Spooler Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50383 |
Windows Print Spooler Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.1 |
| CVE-2026-57085 |
Windows Print Spooler Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-58608 |
Windows Print Spooler Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50469 |
Windows Projected File System Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50434 |
Windows Push Notification Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50339 |
Windows Push Notification Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50430 |
Windows Push Notification Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50334 |
Windows Push Notification Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50363 |
Windows Push Notifications Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50431 |
Windows Quality of Service (QoS) Packet Scheduler Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50372 |
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-54982 |
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-54995 |
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-50666 |
Windows Remote Access Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56647 |
Windows Remote Access Service Infrastructure Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50330 |
Windows Remote Desktop Client Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50376 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50504 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-58533 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-58535 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-58546 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-58539 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-55003 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-57979 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50445 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50497 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-54126 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-57982 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50369 |
Windows Remote Desktop Services Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-58626 |
Windows Remote Desktop Services Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-50318 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50407 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50357 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50441 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50668 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
6.8 |
| CVE-2026-54109 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49792 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49793 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50362 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50492 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
6.8 |
| CVE-2026-58530 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49791 |
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-50451 |
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-57096 |
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50452 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50348 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50410 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50449 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50460 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-50457 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50486 |
Windows Runtime Elevation of Privilege Vulnerability |
N/A |
No |
7.8 |
| CVE-2026-54125 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50373 |
Windows Search Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-44806 |
Windows Secure Channel Denial of Service Vulnerability |
Exploitation Less Likely |
No |
5.3 |
| CVE-2026-50681 |
Windows Secure Channel Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-56186 |
Windows Secure Channel Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-42982 |
Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50694 |
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-50367 |
Windows Sensor Data Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58619 |
Windows Sensor Data Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50311 |
Windows Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56188 |
Windows Server Network driver Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
CVE-2026-50444 |
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50328 |
Windows Server Update Service (WSUS) Tampering Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-58531 |
Windows SMB Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.5 |
| CVE-2026-54997 |
Windows SMB Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-49801 |
Windows SMB Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50690 |
Windows SMB Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-56168 |
Windows SMB Server Denial of Service Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50360 |
Windows SMB Server Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-57089 |
Windows SMB Server Network Transport Driver (srvnet.sys) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50333 |
Windows Spaceport.sys Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50298 |
Windows Spaceport.sys Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
6.8 |
| CVE-2026-49171 |
Windows Speech Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-49170 |
Windows StateRepository API Server file Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-58526 |
Windows Storage Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50299 |
Windows Storage Spaces Direct Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
6.8 |
| CVE-2026-50306 |
Windows TCP/IP Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50307 |
Windows TCP/IP Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-49177 |
Windows TCP/IP Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-54999 |
Windows TCP/IP Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50669 |
Windows Telephony Server Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-54124 |
Windows Terminal Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50350 |
Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50326 |
Windows Unified Consent System Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49790 |
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-50498 |
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58547 |
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-49794 |
Windows USB Audio Class Driver Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
4.6 |
| CVE-2026-50453 |
Windows USB Audio Class Driver Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.1 |
| CVE-2026-58528 |
Windows USB Audio Class Driver Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.8 |
| CVE-2026-50321 |
Windows USB Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50479 |
Windows USB Hub Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49804 |
Windows USB Video Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.6 |
| CVE-2026-49176 |
Windows WalletService Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49800 |
Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50480 |
Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56173 |
Windows WebView Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-58632 |
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-54107 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-54986 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-54112 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-54114 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50670 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50688 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-56176 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58628 |
Windows Wireless Network Manager Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50509 |
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
Microsoft Dynamics vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-55944 |
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
Microsoft Office vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-50678 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.6 |
| CVE-2026-54988 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.1 |
| CVE-2026-48580 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50408 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55046 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55138 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55054 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-55122 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-55898 |
Microsoft Excel Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.1 |
| CVE-2026-50675 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55899 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55948 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-58618 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-47642 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55024 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55025 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-55031 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55048 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55029 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55039 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55041 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55136 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-55141 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55036 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55044 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55037 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55058 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55137 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55053 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55131 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-54131 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55947 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55949 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56156 |
Microsoft Excel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56193 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-55023 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-55026 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.2 |
| CVE-2026-55027 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55028 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55047 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55035 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55057 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55042 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-55139 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50665 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56192 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-56195 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55121 |
Microsoft Office Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-47290 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50301 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50314 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50467 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55017 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55018 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55022 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55125 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55045 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.4 |
| CVE-2026-55049 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55129 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55056 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55140 |
Microsoft Office Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55133 |
Microsoft OneNote Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55043 |
Microsoft PowerPoint Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55123 |
Microsoft PowerPoint Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55120 |
Microsoft PowerPoint Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55052 |
Microsoft SharePoint Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-58277 |
Microsoft SharePoint Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50522 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-58644 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-56164 |
Microsoft SharePoint Server Elevation of Privilege Vulnerability |
Exploitation Detected |
No |
5.3 |
| CVE-2026-55051 |
Microsoft SharePoint Server Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-55040 |
Microsoft SharePoint Server Security Feature Bypass Vulnerability |
Exploitation More Likely |
No |
9.1 |
| CVE-2026-54108 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-55016 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Less Likely |
No |
4.6 |
| CVE-2026-55019 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Unlikely |
No |
4.6 |
| CVE-2026-55020 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Unlikely |
No |
4.6 |
| CVE-2026-55021 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Unlikely |
No |
7.3 |
| CVE-2026-55030 |
Microsoft SharePoint Server Spoofing Vulnerability |
N/A |
No |
4.6 |
| CVE-2026-55034 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-55126 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-55135 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Less Likely |
No |
4.6 |
| CVE-2026-56157 |
Microsoft SharePoint Server Spoofing Vulnerability |
Exploitation Less Likely |
No |
5.4 |
| CVE-2026-55050 |
Microsoft Word Information Disclosure Vulnerability |
N/A |
No |
5.5 |
| CVE-2026-55124 |
Microsoft Word Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55142 |
Microsoft Word Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-55032 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55033 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55127 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55055 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55038 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-55132 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55134 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-55128 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-55130 |
Microsoft Word Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50387 |
Windows GDI Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
Open Source Software vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-40553 |
Stack-based buffer overflow in gawk |
n/a |
No |
|
| CVE-2026-40469 |
Heap buffer overflow in gawk |
n/a |
No |
|
| CVE-2026-40468 |
Heap buffer overflow in gawk |
n/a |
No |
|
| CVE-2026-40467 |
Use after free in gawk |
n/a |
No |
|
| CVE-2026-57968 |
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-57973 |
Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability |
Exploitation Less Likely |
No |
6.3 |
Other vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-50663 |
Game: Age of Empires II: Definitive Edition Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50510 |
GitHub Copilot Remote Code Execution Vulnerability |
N/A |
No |
7.8 |
| CVE-2026-55010 |
Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-55145 |
Outlook Copilot Tampering Vulnerability |
N/A |
No |
6.3 |
Server Software vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-55006 |
Microsoft Exchange Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55009 |
Microsoft Exchange Server Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-55005 |
Microsoft Exchange Server Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-55008 |
Microsoft Exchange Server Spoofing Vulnerability |
Exploitation More Likely |
No |
9.6 |
SQL Server vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-56642 |
Microsoft Fabric Data Warehouse Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-58647 |
Microsoft PowerBI Report Server Spoofing Vulnerability |
Exploitation Unlikely |
No |
8.0 |
| CVE-2026-47296 |
Microsoft SQL Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55002 |
Microsoft SQL Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-47295 |
Microsoft SQL Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50468 |
Microsoft SQL Server Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-54116 |
Microsoft SQL Server Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-54117 |
Microsoft SQL Server Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-54118 |
Microsoft SQL Server Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
System Center vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-50658 |
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-56178 |
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50657 |
Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
4.7 |
| CVE-2026-55011 |
Microsoft Defender Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55012 |
Microsoft Defender Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
Windows vulnerabilities
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-54121 |
Active Directory Certificate Services Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50682 |
Active Directory Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.1 |
| CVE-2026-55001 |
Active Directory Domain Services Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50647 |
Active Directory Federation Server Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50684 |
Active Directory Federation Server Spoofing Vulnerability |
N/A |
No |
4.8 |
| CVE-2026-56155 |
Active Directory Federation Services Elevation of Privilege Vulnerability |
Exploitation Detected |
No |
7.8 |
| CVE-2026-50488 |
Clipboard User Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50491 |
Code Integrity DLL (ci.dll) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50381 |
Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50427 |
Content Delivery Manager Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50692 |
Desktop Window Manager Elevation of Privilege Vulnerability |
N/A |
No |
8.8 |
| CVE-2026-58633 |
Desktop Window Manager Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-58634 |
Desktop Window Manager Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-48564 |
DHCP Server Service Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50370 |
DHCP Server Service Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
8.8 |
| CVE-2026-56159 |
DHCP Server Service Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
9.8 |
| CVE-2026-50296 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50375 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
6.3 |
| CVE-2026-50353 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50493 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56643 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56644 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58629 |
DirectX Graphics Kernel Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50382 |
DirectX Graphics Kernel Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-49174 |
DNS Client Tampering Vulnerability |
Exploitation Unlikely |
No |
6.1 |
| CVE-2026-50495 |
DNS Client Tampering Vulnerability |
Exploitation Less Likely |
No |
6.1 |
| CVE-2026-57088 |
Extensible Storage Engine (ESENT) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49787 |
HTTP.sys Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50420 |
HTTP.sys Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.2 |
| CVE-2026-49788 |
HTTP/2 Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50696 |
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-49162 |
Microsoft Brokering File System Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50305 |
Microsoft Brokering File System Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50361 |
Microsoft Brokering File System Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50466 |
Microsoft Brokering File System Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50458 |
Microsoft Brokering File System Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50329 |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-58541 |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50343 |
Microsoft Install Service Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-54992 |
Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
8.4 |
| CVE-2026-50439 |
Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-58537 |
Microsoft NAT Helper Components (ipnathlp.dll) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-42900 |
Microsoft Windows App Store Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-49784 |
Microsoft Windows App Store Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50356 |
Microsoft Windows App Store Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-49165 |
Microsoft Windows App Store Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-54993 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58610 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50655 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-56189 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-57090 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-57094 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-57087 |
Microsoft Windows Media Foundation Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-57092 |
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
9.9 |
| CVE-2026-50359 |
Microsoft XML Core Services Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-57097 |
Microsoft XML Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
6.4 |
| CVE-2026-50346 |
Netlogon RPC Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50402 |
NTFS Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-54989 |
Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50365 |
Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.0 |
| CVE-2026-54990 |
Remote Desktop Client Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-50474 |
Remote Desktop Client Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-58594 |
Remote Desktop Client Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56190 |
Remote Desktop Protocol Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-49783 |
Secure Boot Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-42990 |
SQL Server ODBC driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
9.8 |
| CVE-2026-49168 |
Storage Spaces Direct Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.8 |
| CVE-2026-49180 |
Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50455 |
Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-54111 |
Universal Print Management Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-58543 |
Universal Print Management Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.3 |
| CVE-2026-58601 |
Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege Vulernability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49805 |
Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.0 |
| CVE-2026-50297 |
Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.0 |
| CVE-2026-50325 |
Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.0 |
| CVE-2026-50489 |
Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
8.8 |
| CVE-2026-57095 |
Win32k Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
6.2 |
| CVE-2026-50416 |
Win32k Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
3.3 |
| CVE-2026-56184 |
Win32k Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
CVE-2026-50432 |
Window Virtual Filtering Platform (VFP) Denial of Service Vulnerability |
Exploitation Less Likely |
No |
5.3 |
| CVE-2026-54119 |
Windows Active Directory Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-57976 |
Windows Active Directory Domain Services Denial of Service Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50366 |
Windows Active Directory Domain Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-49164 |
Windows Active Directory Domain Services Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-49178 |
Windows Active Directory Domain Services Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-58529 |
Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-54983 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50695 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50304 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50368 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50324 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Less Likely |
No |
5.9 |
| CVE-2026-50355 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50411 |
Windows Active Directory Federation Services Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-58631 |
Windows Admin Center (WAC) Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-56196 |
Windows Admin Center (WAC) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56197 |
Windows Admin Center (WAC) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56169 |
Windows Admin Center Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-57107 |
Windows Admin Center Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56185 |
Windows Admin Center Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50312 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
4.7 |
| CVE-2026-50462 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-57093 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-34346 |
Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-48572 |
Windows App Package Installer Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-48571 |
Windows App Package Installer Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50400 |
Windows App Package Installer Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50331 |
Windows Application Model Core API Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49803 |
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50351 |
Windows Audio Compression Manager (ACM) Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50440 |
Windows Audio Service Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-34328 |
Windows Audio Service Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50406 |
Windows Backup Engine Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50364 |
Windows Backup Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-50661 |
Windows BitLocker Security Feature Bypass Vulnerability |
Exploitation Less Likely |
Yes |
6.1 |
| CVE-2026-42975 |
Windows Bluetooth Port Driver Remote Code Execution |
Exploitation Less Likely |
No |
8.0 |
| CVE-2026-58538 |
Windows Bluetooth Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58638 |
Windows Boot Loader Security Feature Bypass Vulnerability |
Exploitation More Likely |
No |
6.0 |
| CVE-2026-58637 |
Windows Client-Side Caching Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50384 |
Windows Clip Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-49183 |
Windows Clipboard Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50689 |
Windows Clipboard Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50374 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.3 |
| CVE-2026-58536 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-58613 |
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50401 |
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50697 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50667 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50421 |
Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50428 |
Windows Container Isolation FS Filter Driver (unionfs.sys) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-50352 |
Windows Cryptographic Services Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50302 |
Windows Cryptographic Services Security Feature Bypass Vulnerability |
Exploitation Unlikely |
No |
4.2 |
| CVE-2026-55144 |
Windows Cryptography API: Next Generation (CNG) Tampering Vulnerability |
Exploitation Unlikely |
No |
7.1 |
| CVE-2026-50347 |
Windows Data.dll Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49181 |
Windows DHCP Client Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50683 |
Windows DHCP Client Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.0 |
| CVE-2026-54128 |
Windows DHCP Client Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
8.4 |
| CVE-2026-58627 |
Windows DHCP Server Denial of Service Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50518 |
Windows DHCP Server Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-50685 |
Windows DHCP Server Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-49807 |
Windows DirectX Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.2 |
| CVE-2026-49175 |
Windows DNS Client Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50487 |
Windows DNS Client Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-50465 |
Windows DNS Client Tampering Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-49169 |
Windows DNS Server Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.0 |
| CVE-2026-50426 |
Windows DNS Server Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
6.8 |
| CVE-2026-50424 |
Windows Domain Controller Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50300 |
Windows DWM Core Library Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50437 |
Windows DWM Core Library Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-34348 |
Windows Event Logging Service Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50502 |
Windows Event Logging Service Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.0 |
| CVE-2026-33842 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-40422 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-41087 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50473 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50442 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50389 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50456 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-57084 |
Windows File Explorer Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-57091 |
Windows File History Service Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50405 |
Windows Filtering Platform Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49172 |
Windows FTP Service Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-50387 |
Windows GDI Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-54122 |
Windows GDI+ Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.4 |
| CVE-2026-49796 |
Windows GDI+ Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50380 |
Windows GDI+ Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.6 |
| CVE-2026-50483 |
Windows Graphics Component Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-58609 |
Windows Graphics Component Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50391 |
Windows Group Policy Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50310 |
Windows Human Interface Device Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
4.7 |
| CVE-2026-50485 |
Windows Hyper-V Denial of Service Vulnerability |
Exploitation Less Likely |
No |
4.5 |
| CVE-2026-54129 |
Windows Hyper-V Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-54127 |
Windows Hyper-V Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.4 |
| CVE-2026-50680 |
Windows Hyper-V Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.2 |
| CVE-2026-50315 |
Windows Image Acquisition Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-58534 |
Windows Input Method Editor (IME) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50490 |
Windows Installer Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-58540 |
Windows Installer Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50425 |
Windows Internal System User Profile Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50293 |
Windows Internal Task Bar Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49167 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
4.7 |
| CVE-2026-49173 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-54132 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.8 |
| CVE-2026-49795 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
8.8 |
| CVE-2026-49798 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
9.3 |
| CVE-2026-49808 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50354 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-50332 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50377 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50390 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.0 |
| CVE-2026-50423 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50397 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50436 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50399 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50459 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50477 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50478 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50484 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50673 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58532 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50294 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.2 |
CVE-2026-50316 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50419 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
3.3 |
| CVE-2026-50463 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50475 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation More Likely |
No |
5.5 |
| CVE-2026-50429 |
Windows Kernel Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
8.2 |
| CVE-2026-58614 |
Windows Kernel Security Feature Bypass Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-58545 |
Windows Kernel Security Feature Bypass Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-58602 |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50393 |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50396 |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50378 |
Windows Key Guard Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50303 |
Windows Key Guard Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-40378 |
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-49799 |
Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50371 |
Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-58544 |
Windows Management Services Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50404 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50358 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50336 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50398 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-50414 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50379 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50433 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50676 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50677 |
Windows Media Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-34349 |
Windows Media Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50394 |
Windows Media Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50415 |
Windows Media Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.3 |
| CVE-2026-57083 |
Windows Media Photo Codec Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50327 |
Windows Media Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-58542 |
Windows Media Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-54115 |
Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50447 |
Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-50505 |
Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50342 |
Windows MIDI Service Module Elevation of Privileges Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56183 |
Windows MIDI Service Module Elevation of Privileges Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-56187 |
Windows MIDI Service Module Elevation of Privileges Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-58635 |
Windows Narrator Braille Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50500 |
Windows Netlogon Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-56181 |
Windows Network Address Translation (NAT) Spoofing Vulnerability |
Exploitation Less Likely |
No |
8.3 |
| CVE-2026-50476 |
Windows Network Connections Service Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50450 |
Windows Network Connections Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56650 |
Windows Network File System Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56649 |
Windows Network File System Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
5.9 |
| CVE-2026-50470 |
Windows Network Policy Server SNMP Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-50496 |
Windows Network Policy Server SNMP Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-56194 |
Windows NFS Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56648 |
Windows NFS Server Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50337 |
Windows Notification Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49789 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-50412 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50422 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50672 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-56175 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56182 |
Windows NTFS Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50341 |
Windows NTFS Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-58640 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-49184 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.4 |
| CVE-2026-49797 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50308 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50386 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50309 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50313 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50388 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50448 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50471 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50461 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50417 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50482 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-50494 |
Windows NTFS Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50344 |
Windows OLE Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50686 |
Windows OLE Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.1 |
| CVE-2026-50335 |
Windows Operating Systems Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50317 |
Windows Operating Systems Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-54987 |
Windows Overlay Filter Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50435 |
Windows Overlay Filter Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50409 |
Windows Overlay Filter Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-40400 |
Windows PowerShell Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.0 |
| CVE-2026-49166 |
Windows Print Configuration Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55004 |
Windows Print Configuration Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50499 |
Windows Print Spooler Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50383 |
Windows Print Spooler Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.1 |
| CVE-2026-57085 |
Windows Print Spooler Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-58608 |
Windows Print Spooler Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50469 |
Windows Projected File System Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50434 |
Windows Push Notification Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50339 |
Windows Push Notification Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50430 |
Windows Push Notification Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50334 |
Windows Push Notification Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-44800 |
Windows Push Notifications Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50363 |
Windows Push Notifications Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50431 |
Windows Quality of Service (QoS) Packet Scheduler Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50372 |
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-54982 |
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-54995 |
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-50666 |
Windows Remote Access Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56647 |
Windows Remote Access Service Infrastructure Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50330 |
Windows Remote Desktop Client Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50376 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50504 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-58533 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-58535 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-58546 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-58539 |
Windows Remote Desktop Client Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-55003 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-57979 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50445 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50497 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-54126 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
6.5 |
| CVE-2026-57982 |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50369 |
Windows Remote Desktop Services Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-58626 |
Windows Remote Desktop Services Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-55014 |
Windows Remote Help Defense Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50318 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50407 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50357 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50441 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50668 |
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
6.8 |
| CVE-2026-54109 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49792 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49793 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50362 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50492 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
6.8 |
| CVE-2026-50501 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-58530 |
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49791 |
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-50451 |
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.1 |
| CVE-2026-57096 |
Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50323 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50452 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50348 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50345 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50322 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50340 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.5 |
| CVE-2026-50410 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50449 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50460 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-50403 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-50385 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-50413 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50457 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50486 |
Windows Runtime Elevation of Privilege Vulnerability |
N/A |
No |
7.8 |
| CVE-2026-50503 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-54125 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58527 |
Windows Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50373 |
Windows Search Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50679 |
Windows Search Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-44806 |
Windows Secure Channel Denial of Service Vulnerability |
Exploitation Less Likely |
No |
5.3 |
| CVE-2026-50681 |
Windows Secure Channel Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-56186 |
Windows Secure Channel Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-42982 |
Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50392 |
Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50694 |
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
8.1 |
| CVE-2026-50367 |
Windows Sensor Data Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58619 |
Windows Sensor Data Service Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50311 |
Windows Server Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56188 |
Windows Server Network driver Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-50444 |
Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50328 |
Windows Server Update Service (WSUS) Tampering Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-58531 |
Windows SMB Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.5 |
| CVE-2026-54997 |
Windows SMB Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-49801 |
Windows SMB Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
CVE-2026-50690 |
Windows SMB Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-56168 |
Windows SMB Server Denial of Service Vulnerability |
Exploitation Less Likely |
No |
6.5 |
| CVE-2026-50360 |
Windows SMB Server Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
8.8 |
| CVE-2026-57089 |
Windows SMB Server Network Transport Driver (srvnet.sys) Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
7.5 |
| CVE-2026-50333 |
Windows Spaceport.sys Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50298 |
Windows Spaceport.sys Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
6.8 |
| CVE-2026-49171 |
Windows Speech Runtime Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.5 |
| CVE-2026-49170 |
Windows StateRepository API Server file Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-58526 |
Windows Storage Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50299 |
Windows Storage Spaces Direct Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
6.8 |
| CVE-2026-50418 |
Windows System Secure Feature Bypass Vulnerability |
Exploitation Unlikely |
No |
5.1 |
| CVE-2026-50306 |
Windows TCP/IP Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50307 |
Windows TCP/IP Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-49177 |
Windows TCP/IP Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-54999 |
Windows TCP/IP Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50669 |
Windows Telephony Server Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-54124 |
Windows Terminal Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50350 |
Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability |
Exploitation Unlikely |
No |
5.5 |
| CVE-2026-50326 |
Windows Unified Consent System Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-49790 |
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.3 |
| CVE-2026-50498 |
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58547 |
Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-49794 |
Windows USB Audio Class Driver Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
4.6 |
| CVE-2026-50453 |
Windows USB Audio Class Driver Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.1 |
| CVE-2026-58528 |
Windows USB Audio Class Driver Information Disclosure Vulnerability |
Exploitation Less Likely |
No |
6.8 |
| CVE-2026-50321 |
Windows USB Driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-50479 |
Windows USB Hub Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-55000 |
Windows USB Print Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.4 |
| CVE-2026-54991 |
Windows USB Print Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-54996 |
Windows USB Print Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-49802 |
Windows USB Print Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-49806 |
Windows USB Print Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-50674 |
Windows USB Print Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.0 |
| CVE-2026-49804 |
Windows USB Video Driver Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
6.6 |
| CVE-2026-50454 |
Windows User Interface Core Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-49176 |
Windows WalletService Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-49800 |
Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50480 |
Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-56173 |
Windows WebView Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.0 |
| CVE-2026-58632 |
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-54107 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-54986 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-54112 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
7.8 |
| CVE-2026-54114 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50670 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-50688 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
| CVE-2026-50687 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
8.8 |
| CVE-2026-56176 |
Windows Win32k Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-58628 |
Windows Wireless Network Manager Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
7.8 |
| CVE-2026-50295 |
Windows Zero Trust DNS Security Feature Bypass Vulnerability |
Exploitation Less Likely |
No |
5.5 |
| CVE-2026-50509 |
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
7.8 |
Zero-Day Vulnerabilities: Known Exploited
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-56155 |
Active Directory Federation Services Elevation of Privilege Vulnerability |
Exploitation Detected |
No |
7.8 |
| CVE-2026-56164 |
Microsoft SharePoint Server Elevation of Privilege Vulnerability |
Exploitation Detected |
No |
5.3 |
Zero-Day Vulnerabilities: Publicly Disclosed (No known exploitation)
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-50661 |
Windows BitLocker Security Feature Bypass Vulnerability |
Exploitation Less Likely |
Yes |
6.1 |
Critical RCEs
|
CVE |
Title |
Exploitation status |
Publicly disclosed? |
CVSS v3 base score |
|---|---|---|---|---|
| CVE-2026-56159 |
DHCP Server Service Remote Code Execution Vulnerability |
Exploitation Unlikely |
No |
9.8 |
| CVE-2026-48561 |
Microsoft Copilot Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.6 |
| CVE-2026-55944 |
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-55008 |
Microsoft Exchange Server Spoofing Vulnerability |
Exploitation More Likely |
No |
9.6 |
| CVE-2026-50522 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-58644 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-55040 |
Microsoft SharePoint Server Security Feature Bypass Vulnerability |
Exploitation More Likely |
No |
9.1 |
| CVE-2026-57092 |
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability |
Exploitation Less Likely |
No |
9.9 |
| CVE-2026-55010 |
Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-54990 |
Remote Desktop Client Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-56190 |
Remote Desktop Protocol Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-42990 |
SQL Server ODBC driver Elevation of Privilege Vulnerability |
Exploitation Unlikely |
No |
9.8 |
| CVE-2026-50518 |
Windows DHCP Server Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |
| CVE-2026-49172 |
Windows FTP Service Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-50380 |
Windows GDI+ Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.6 |
| CVE-2026-49798 |
Windows Kernel Elevation of Privilege Vulnerability |
Exploitation More Likely |
No |
9.3 |
| CVE-2026-50447 |
Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability |
Exploitation Less Likely |
No |
9.8 |
| CVE-2026-56188 |
Windows Server Network driver Remote Code Execution Vulnerability |
Exploitation More Likely |
No |
9.8 |



. Azure findings are prioritized next to your AWS findings using the same finding format, automation, and response workflows, so your team works from one understanding of risk across your entire estate. Azure resources are priced at the same rates as equivalent AWS resources with no additional fees, and there’s an independent 30-day free trial. To learn more, see the 








