Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
3.3 LOW
CVE-2026-45455 — Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

office_online_server excel_2016 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
6.5 MEDIUM
CVE-2026-45454 — Microsoft SharePoint Remote Code Execution Vulnerability

Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-45453 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
0.0 NA
CVE-2026-45447 — Heap Use-After-Free in the PKCS7_verify() Function

Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes…

| Memory Corruption
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
0.0 NA
CVE-2026-45446 — Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of …

| Cryptography
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
0.0 NA
CVE-2026-45445 — AES-OCB IV Ignored on EVP_Cipher() Path

Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact sum…

| Cryptography
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-44824 — Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

sharepoint_enterprise_server_2016 office_2016 sharepoint_server_2019 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-44823 — Microsoft Excel Remote Code Execution Vulnerability

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

office_online_server excel_2016 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.2 HIGH
CVE-2026-44822 — Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

office_online_server excel_2016 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.5 MEDIUM
CVE-2026-44821 — Microsoft Office Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

sharepoint_enterprise_server_2016 office_2016 sharepoint_server_2019 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-44820 — Microsoft Excel Remote Code Execution Vulnerability

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

office_online_server excel_2016 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-44819 — Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

sharepoint_enterprise_server_2016 office_2016 sharepoint_server_2019 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-44818 — Microsoft Excel Remote Code Execution Vulnerability

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

office_online_server excel_2016 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-44817 — Microsoft Excel Remote Code Execution Vulnerability

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

office_online_server excel_2016 office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
9.8 CRITICAL
CVE-2026-44815 — DHCP Client Service Remote Code Execution Vulnerability

Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.5 MEDIUM
CVE-2026-44814 — Windows DWM Core Library Information Disclosure Vulnerability

Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.

windows_11
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-44813 — Windows DWM Core Library Elevation of Privilege Vulnerability

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

windows_11
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-44812 — Windows Graphics Component Remote Code Execution Vulnerability

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-44811 — Windows DWM Core Library Elevation of Privilege Vulnerability

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

windows_11
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.4 HIGH
CVE-2026-44810 — Microsoft Cryptographic Services Elevation of Privilege Vulnerability

Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.

windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
Showing 20 of 7347 Results