Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.4 HIGH
CVE-2026-40361 — Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40360 — Microsoft Excel Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40359 — Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.4 HIGH
CVE-2026-40358 — Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.8 HIGH
CVE-2026-40357 — Microsoft SharePoint Server Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
5.5 MEDIUM
CVE-2026-35440 — Microsoft Word Information Disclosure Vulnerability

Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.8 HIGH
CVE-2026-35439 — Microsoft SharePoint Server Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.3 HIGH
CVE-2026-35438 — Windows Admin Center Elevation of Privilege Vulnerability

Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.8 HIGH
CVE-2026-35436 — Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Insufficient granularity of access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.3 HIGH
CVE-2026-35433 — .NET Elevation of Privilege Vulnerability

Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
4.3 MEDIUM
CVE-2026-35429 — Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.5 HIGH
CVE-2026-35424 — Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability

Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
5.4 MEDIUM
CVE-2026-35423 — Windows 11 Telnet Client Information Disclosure Vulnerability

Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
6.5 MEDIUM
CVE-2026-35422 — Windows TCP/IP Driver Security Feature Bypass Vulnerability

Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feature over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-35421 — Windows GDI Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-35420 — Windows Kernel Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
5.5 MEDIUM
CVE-2026-35419 — Windows DWM Core Library Information Disclosure Vulnerability

Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-35418 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-35417 — Windows Win32k Elevation of Privilege Vulnerability

Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.0 HIGH
CVE-2026-35416 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
Showing 20 of 6156 Results