Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2025-59275

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products
Published: Oct. 14, 2025

Modified: Oct. 27, 2025
7.8

HIGH

CVE-2025-59243

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally....

Affected Products : 365_apps office_long_term_servicing_channel office_2024 office_2021
Published: Oct. 14, 2025

Modified: Oct. 16, 2025
7.8

HIGH

CVE-2025-59207

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +3 more products
Published: Oct. 14, 2025

Modified: Oct. 17, 2025
7.8

HIGH

CVE-2025-50175

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +3 more products
Published: Oct. 14, 2025

Modified: Oct. 16, 2025
7.8

HIGH

CVE-2025-53150

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 +2 more products
Published: Oct. 14, 2025

Modified: Oct. 20, 2025
7.8

HIGH

CVE-2025-53768

Use after free in Xbox allows an authorized attacker to elevate privileges locally....

Affected Products : windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows_10_1507 windows_11_23h2 windows_11_24h2 windows_11_25h2
Published: Oct. 14, 2025

Modified: Oct. 20, 2025
7.8

HIGH

CVE-2025-58728

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_22h2 windows_11_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 windows_11_2h2
Published: Oct. 14, 2025

Modified: Oct. 14, 2025
7.8

HIGH

CVE-2025-58722

Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_23h2 +3 more products
Published: Oct. 14, 2025

Modified: Oct. 14, 2025
7.8

HIGH

CVE-2025-55677

Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally....

Affected Products : windows_11_24h2 windows_server_2025 windows_11_25h2 windows_11_2h2
Published: Oct. 14, 2025

Modified: Oct. 24, 2025
7.8

HIGH

CVE-2025-59242

Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products
Published: Oct. 14, 2025

Modified: Oct. 17, 2025
7.8

HIGH

CVE-2025-24052

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October c...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +11 more products
Published: Oct. 14, 2025

Modified: Oct. 20, 2025
7.8

HIGH

CVE-2025-20733

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00441509; ...

Affected Products :
Published: Nov. 04, 2025

Modified: Nov. 04, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-20728

In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00447115;...

Affected Products :
Published: Nov. 04, 2025

Modified: Nov. 04, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-59187

Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +8 more products
Published: Oct. 14, 2025

Modified: Oct. 14, 2025
7.8

HIGH

CVE-2025-59191

Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 +3 more products
Published: Oct. 14, 2025

Modified: Oct. 17, 2025
7.8

HIGH

CVE-2025-59494

Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally....

Affected Products : azure_monitor_agent
Published: Oct. 14, 2025

Modified: Oct. 22, 2025
7.8

HIGH

CVE-2025-47367

Memory corruption while accessing a buffer during IOCTL processing....

Affected Products :
Published: Nov. 04, 2025

Modified: Nov. 04, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-47365

Memory corruption while processing large input data from a remote source via a communication interface....

Affected Products :
Published: Nov. 04, 2025

Modified: Nov. 04, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-47360

Memory corruption while processing client message during device management....

Affected Products :
Published: Nov. 04, 2025

Modified: Nov. 04, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-46423

Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execu...

Affected Products : unity_operating_environment
Published: Oct. 30, 2025

Modified: Nov. 04, 2025

Vuln Type: Injection

Showing 20 of 3912 Results

Browse by Apps

Latest CVE Feed

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable