Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.8 HIGH
CVE-2026-34336 — Windows DWM Core Library Information Disclosure Vulnerability

Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-34334 — Windows TCP/IP Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-34333 — Windows Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.0 HIGH
CVE-2026-34332 — Windows Kernel-Mode Driver Remote Code Execution Vulnerability

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.0 HIGH
CVE-2026-34331 — Win32k Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-34330 — Win32k Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.8 HIGH
CVE-2026-34329 — Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-33841 — Windows Kernel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-33840 — Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.0 HIGH
CVE-2026-33839 — Win32k Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-33838 — Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-33837 — Windows TCP/IP Local Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-33835 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-33834 — Windows Event Logging Service Elevation of Privilege Vulnerability

Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.2 HIGH
CVE-2026-33833 — Azure Machine Learning Notebook Spoofing Vulnerability

Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.7 HIGH
CVE-2026-33821 — Microsoft Dynamics 365 Customer Insights Elevation of Privilege Vulnerability

Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
9.1 CRITICAL
CVE-2026-33117 — Azure SDK for Java Security Feature Bypass Vulnerability

Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.8 HIGH
CVE-2026-33112 — Microsoft SharePoint Server Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.8 HIGH
CVE-2026-33110 — Microsoft SharePoint Server Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
4.4 MEDIUM
CVE-2026-32209 — Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability

Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
Showing 20 of 6263 Results