Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.8 HIGH
CVE-2026-58602 — Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Use after free in Windows Kernel Mode Driver allows an authorized attacker to elevate privileges locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-58601 — Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege Vulernability

Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport Driver allows an authorized attacker to elevate privileges locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
8.1 HIGH
CVE-2026-58595 — Microsoft Bing App for IOS Spoofing Vulnerability

Improper restriction of rendered ui layers or frames in Microsoft Bing App for IOS allows an unauthorized attacker to perform spoofing over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.0 HIGH
CVE-2026-58526 — Windows Storage Elevation of Privilege Vulnerability

Use after free in Windows Storage allows an authorized attacker to elevate privileges locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
6.5 MEDIUM
CVE-2026-58279 — Azure CycleCloud Elevation of Privilege Vulnerability

Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
6.5 MEDIUM
CVE-2026-57979 — Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
6.5 MEDIUM
CVE-2026-57976 — Windows Active Directory Domain Services Denial of Service Vulnerability

Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
8.8 HIGH
CVE-2026-57969 — Azure CycleCloud Elevation of Privilege Vulnerability

Missing authentication for critical function in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-57107 — Windows Admin Center Elevation of Privilege Vulnerability

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
6.4 MEDIUM
CVE-2026-57097 — Microsoft XML Security Feature Bypass Vulnerability

Untrusted search path in Microsoft XML allows an unauthorized attacker to bypass a security feature with a physical attack.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.1 HIGH
CVE-2026-56193 — Microsoft Office Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
6.5 MEDIUM
CVE-2026-56185 — Windows Admin Center Information Disclosure Vulnerability

Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.5 HIGH
CVE-2026-56170 — ASP.NET Core Denial of Service Vulnerability

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
8.1 HIGH
CVE-2026-56169 — Windows Admin Center Elevation of Privilege Vulnerability

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
5.3 MEDIUM
CVE-2026-56164 — Microsoft SharePoint Server Elevation of Privilege Vulnerability

Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-56155 — Active Directory Federation Services Elevation of Privilege Vulnerability

Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-55948 — Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-55899 — Microsoft Excel Remote Code Execution Vulnerability

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.1 HIGH
CVE-2026-55144 — Windows Cryptography API: Next Generation (CNG) Tampering Vulnerability

Missing cryptographic step in Windows CryptoAPI allows an authorized attacker to perform tampering locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
7.8 HIGH
CVE-2026-55014 — Windows Remote Help Defense Elevation of Privilege Vulnerability

Improper access control in Windows Remote Help Defense allows an authorized attacker to elevate privileges locally.

Jul 14, 2026 Jul 14, 2026
Jul 14, 2026
Jul 14, 2026
Showing 20 of 8129 Results