Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.5 MEDIUM
CVE-2026-42970 — Windows Push Notification Information Disclosure Vulnerability

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.5 MEDIUM
CVE-2026-42969 — Windows Push Notification Information Disclosure Vulnerability

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

windows_10 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.5 MEDIUM
CVE-2026-42968 — Windows Telephony Server Information Disclosure Vulnerability

Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42916 — NT OS Kernel Elevation of Privilege Vulnerability

Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.7 MEDIUM
CVE-2026-42915 — Windows TCP/IP Denial of Service Vulnerability

Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network.

windows_10 windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.3 MEDIUM
CVE-2026-42914 — Windows Kerberos Denial of Service Vulnerability

Windows Kerberos Denial of Service Vulnerability

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.5 HIGH
CVE-2026-42913 — Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-42912 — Windows Telephony Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-42911 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42910 — Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability

Out-of-bounds write in Windows Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally.

windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.5 HIGH
CVE-2026-42909 — Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +2 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.5 HIGH
CVE-2026-42908 — Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +2 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
6.5 MEDIUM
CVE-2026-42907 — Windows Shell Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

windows_10 windows_server_2019 windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.5 MEDIUM
CVE-2026-42906 — Windows Shell Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

windows_10 windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42905 — Windows DWM Core Library Elevation of Privilege Vulnerability

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
9.6 CRITICAL
CVE-2026-42904 — Windows TCP/IP Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.

windows_10 windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
6.5 MEDIUM
CVE-2026-42903 — Windows Kerberos Denial of Service Vulnerability

Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42902 — Microsoft PowerToys Elevation of Privilege Vulnerability

Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally.

Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42837 — Windows Projected File System Elevation of Privilege Vulnerability

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2019 windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-42836 — Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
Showing 20 of 7472 Results