Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.1 HIGH
CVE-2026-40415 — Windows TCP/IP Remote Code Execution Vulnerability

Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

windows_10 windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +8 more
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
7.4 HIGH
CVE-2026-40414 — Windows TCP/IP Denial of Service Vulnerability

Windows TCP/IP Denial of Service Vulnerability

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 Jun 01, 2026
May 12, 2026
Jun 01, 2026
7.4 HIGH
CVE-2026-40413 — Windows TCP/IP Denial of Service Vulnerability

Windows TCP/IP Denial of Service Vulnerability

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 Jun 01, 2026
May 12, 2026
Jun 01, 2026
7.0 HIGH
CVE-2026-40410 — Windows SMB Client Elevation of Privilege Vulnerability

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
7.8 HIGH
CVE-2026-40408 — Windows WAN ARP Driver Elevation of Privilege Vulnerability

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
7.8 HIGH
CVE-2026-40407 — Windows Common Log File System Driver Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +13 more
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
7.5 HIGH
CVE-2026-40406 — Windows TCP/IP Information Disclosure Vulnerability

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
7.5 HIGH
CVE-2026-40405 — Windows TCP/IP Denial of Service Vulnerability

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network.

windows_11 windows_11_24h2 windows_server_2025 windows_11_25h2 windows_11_26h1
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
8.8 HIGH
CVE-2026-40403 — Windows Graphics Component Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
9.3 CRITICAL
CVE-2026-40402 — Windows Hyper-V Elevation of Privilege Vulnerability

Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.

windows_server_2022 windows_11 windows_11_23h2
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
7.1 HIGH
CVE-2026-40401 — Windows TCP/IP Denial of Service Vulnerability

Windows TCP/IP Denial of Service Vulnerability

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 Jun 01, 2026
May 12, 2026
Jun 01, 2026
7.8 HIGH
CVE-2026-40399 — Windows TCP/IP Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +10 more
May 12, 2026 Jun 01, 2026
May 12, 2026
Jun 01, 2026
7.8 HIGH
CVE-2026-40398 — Windows Remote Desktop Services Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
7.8 HIGH
CVE-2026-40397 — Windows Common Log File System Driver Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 Jun 01, 2026
May 12, 2026
Jun 01, 2026
7.8 HIGH
CVE-2026-40382 — Windows Telephony Service Elevation of Privilege Vulnerability

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 May 15, 2026
May 12, 2026
May 15, 2026
7.8 HIGH
CVE-2026-40381 — Azure Connected Machine Agent Elevation of Privilege Vulnerability

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

azure_connected_machine_agent
May 12, 2026 May 18, 2026
May 12, 2026
May 18, 2026
6.2 MEDIUM
CVE-2026-40380 — Windows Volume Manager Extension Driver Remote Code Execution Vulnerability

Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 May 14, 2026
May 12, 2026
May 14, 2026
9.3 CRITICAL
CVE-2026-40379 — Azure Entra ID Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network.

microsoft_entra_id entra_id azure_enterprise_security_token_service
May 12, 2026 May 21, 2026
May 12, 2026
May 21, 2026
7.8 HIGH
CVE-2026-40377 — Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
May 12, 2026 May 14, 2026
May 12, 2026
May 14, 2026
6.5 MEDIUM
CVE-2026-40374 — Microsoft Power Automate Desktop Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network.

power_automate_for_desktop
May 12, 2026 May 19, 2026
May 12, 2026
May 19, 2026
Showing 20 of 7390 Results