Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.1 HIGH
CVE-2026-33827 — Windows TCP/IP Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.0 HIGH
CVE-2026-33826 — Windows Active Directory Remote Code Execution Vulnerability

Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-33825 — Microsoft Defender Elevation of Privilege Vulnerability

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
9.8 CRITICAL
CVE-2026-33824 — Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability

Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
6.1 MEDIUM
CVE-2026-33822 — Microsoft Word Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.8 HIGH
CVE-2026-33120 — Microsoft SQL Server Remote Code Execution Vulnerability

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.5 HIGH
CVE-2026-33116 — .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.4 HIGH
CVE-2026-33115 — Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.4 HIGH
CVE-2026-33114 — Microsoft Word Remote Code Execution Vulnerability

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.0 HIGH
CVE-2026-33104 — Win32k Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
5.5 MEDIUM
CVE-2026-33103 — Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Improper access control in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to disclose information locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-33101 — Windows Print Spooler Elevation of Privilege Vulnerability

Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.0 HIGH
CVE-2026-33100 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.0 HIGH
CVE-2026-33099 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-33098 — Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.5 HIGH
CVE-2026-33096 — HTTP.sys Denial of Service Vulnerability

Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-33095 — Microsoft Word Remote Code Execution Vulnerability

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
5.9 MEDIUM
CVE-2026-32226 — .NET Framework Denial of Service Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.8 HIGH
CVE-2026-32225 — Windows Shell Security Feature Bypass Vulnerability

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.0 HIGH
CVE-2026-32224 — Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability

Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
Showing 20 of 6621 Results