Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.5 MEDIUM
CVE-2026-21258 — Microsoft Excel Information Disclosure Vulnerability

Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

office 365_apps excel office_online_server office_long_term_servicing_channel office_macos_2024 +5 more | Information Disclosure
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
8.0 HIGH
CVE-2026-21257 — GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.

visual_studio_2022 | Remote | Injection
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
8.8 HIGH
CVE-2026-21256 — GitHub Copilot and Visual Studio Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network.

visual_studio_2022 | Remote | Injection
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
8.8 HIGH
CVE-2026-21255 — Windows Hyper-V Security Feature Bypass Vulnerability

Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.

windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 +8 more | Authorization
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.0 HIGH
CVE-2026-21253 — Mailslot File System Elevation of Privilege Vulnerability

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally.

windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +10 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21251 — Cluster Client Failover (CCF) Elevation of Privilege Vulnerability

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

windows_server_2016 windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_server_23h2 windows_server_2025 | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21250 — Windows HTTP.sys Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 windows_11_25h2 windows_11_26h1 | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
3.3 LOW
CVE-2026-21249 — Windows NTLM Spoofing Vulnerability

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.

windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +10 more | Path Traversal
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.3 HIGH
CVE-2026-21248 — Windows Hyper-V Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 +8 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.3 HIGH
CVE-2026-21247 — Windows Hyper-V Remote Code Execution Vulnerability

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 +8 more | Injection
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21246 — Windows Graphics Component Elevation of Privilege Vulnerability

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +9 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21245 — Windows Kernel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

windows_11_24h2 windows_server_2025 windows_11_25h2 windows_11_26h1 | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.3 HIGH
CVE-2026-21244 — Windows Hyper-V Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 +8 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.5 HIGH
CVE-2026-21243 — Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_server_23h2 windows_server_2025 | Remote | Denial of Service
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.0 HIGH
CVE-2026-21242 — Windows Subsystem for Linux Elevation of Privilege Vulnerability

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +4 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.0 HIGH
CVE-2026-21241 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

windows_server_2022 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 +2 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21240 — Windows HTTP.sys Elevation of Privilege Vulnerability

Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 +6 more | Race Condition
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21239 — Windows Kernel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +9 more | Memory Corruption
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.8 HIGH
CVE-2026-21238 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 +10 more | Authorization
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
7.0 HIGH
CVE-2026-21237 — Windows Subsystem for Linux Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 +4 more | Race Condition
Feb 10, 2026 Feb 11, 2026
Feb 10, 2026
Feb 11, 2026
Showing 20 of 5090 Results