Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.3 MEDIUM
CVE-2026-40421 — Microsoft Word Information Disclosure Vulnerability

External control of file name or path in Microsoft Office Word allows an unauthorized attacker to disclose information over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.8 HIGH
CVE-2026-40420 — Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40419 — Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40418 — Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40417 — Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
4.3 MEDIUM
CVE-2026-40416 — Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

edge_chromium
May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.1 HIGH
CVE-2026-40415 — Windows TCP/IP Remote Code Execution Vulnerability

Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.4 HIGH
CVE-2026-40414 — Windows TCP/IP Denial of Service Vulnerability

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.4 HIGH
CVE-2026-40413 — Windows TCP/IP Denial of Service Vulnerability

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.0 HIGH
CVE-2026-40410 — Windows SMB Client Elevation of Privilege Vulnerability

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40408 — Windows WAN ARP Driver Elevation of Privilege Vulnerability

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40407 — Windows Common Log File System Driver Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.5 HIGH
CVE-2026-40406 — Windows TCP/IP Information Disclosure Vulnerability

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.5 HIGH
CVE-2026-40405 — Windows TCP/IP Denial of Service Vulnerability

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
8.8 HIGH
CVE-2026-40403 — Windows Graphics Component Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
9.3 CRITICAL
CVE-2026-40402 — Windows Hyper-V Elevation of Privilege Vulnerability

Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.1 HIGH
CVE-2026-40401 — Windows TCP/IP Denial of Service Vulnerability

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40399 — Windows TCP/IP Elevation of Privilege Vulnerability

Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40398 — Windows Remote Desktop Services Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
7.8 HIGH
CVE-2026-40397 — Windows Common Log File System Driver Elevation of Privilege Vulnerability

Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

May 12, 2026 May 12, 2026
May 12, 2026
May 12, 2026
Showing 20 of 6242 Results