Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.8 HIGH
CVE-2026-21312 — Audition | Out-of-bounds Write (CWE-787)

Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue re…

audition | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
5.5 MEDIUM
CVE-2026-21261 — Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 +5 more | Information Disclosure
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.5 HIGH
CVE-2026-21260 — Microsoft Outlook Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

office sharepoint_server 365_apps outlook office_long_term_servicing_channel outlook_2016 +5 more | Remote | Information Disclosure
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21259 — Microsoft Excel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

office 365_apps excel office_online_server office_long_term_servicing_channel excel_2016 +3 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
5.5 MEDIUM
CVE-2026-21258 — Microsoft Excel Information Disclosure Vulnerability

Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 +5 more | Information Disclosure
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
8.0 HIGH
CVE-2026-21257 — GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.

visual_studio_2022 | Remote | Injection
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
8.8 HIGH
CVE-2026-21256 — GitHub Copilot and Visual Studio Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network.

visual_studio_2022 | Remote | Injection
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
8.8 HIGH
CVE-2026-21255 — Windows Hyper-V Security Feature Bypass Vulnerability

Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.

windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 +8 more | Authorization
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.0 HIGH
CVE-2026-21253 — Mailslot File System Elevation of Privilege Vulnerability

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally.

windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +10 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21251 — Cluster Client Failover (CCF) Elevation of Privilege Vulnerability

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

windows_server_2016 windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_server_23h2 windows_server_2025 | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21250 — Windows HTTP.sys Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 windows_11_25h2 windows_11_26h1 | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
3.3 LOW
CVE-2026-21249 — Windows NTLM Spoofing Vulnerability

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.

windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +10 more | Path Traversal
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.3 HIGH
CVE-2026-21248 — Windows Hyper-V Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 +8 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.3 HIGH
CVE-2026-21247 — Windows Hyper-V Remote Code Execution Vulnerability

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 +8 more | Injection
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21246 — Windows Graphics Component Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +9 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21245 — Windows Kernel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

windows_11_24h2 windows_server_2025 windows_11_25h2 windows_11_26h1 | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.3 HIGH
CVE-2026-21244 — Windows Hyper-V Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 +8 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.5 HIGH
CVE-2026-21243 — Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_server_23h2 windows_server_2025 | Remote | Denial of Service
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.0 HIGH
CVE-2026-21242 — Windows Subsystem for Linux Elevation of Privilege Vulnerability

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +4 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.0 HIGH
CVE-2026-21241 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

windows_server_2022 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 +2 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
Showing 20 of 5071 Results