Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.8 HIGH
CVE-2026-32183 — Windows Snipping Tool Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
5.5 MEDIUM
CVE-2026-32181 — Connected User Experiences and Telemetry Service Denial of Service Vulnerability

Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.5 HIGH
CVE-2026-32178 — .NET Spoofing Vulnerability

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
6.7 MEDIUM
CVE-2026-32176 — SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.8 HIGH
CVE-2026-32171 — Azure Logic Apps Elevation of Privilege Vulnerability

Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32168 — Azure Monitor Agent Elevation of Privilege Vulnerability

Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
6.7 MEDIUM
CVE-2026-32167 — SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32165 — Windows User Interface Core Elevation of Privilege Vulnerability

Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32164 — Windows User Interface Core Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32163 — Windows User Interface Core Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.4 HIGH
CVE-2026-32162 — Windows COM Elevation of Privilege Vulnerability

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32160 — Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32159 — Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32158 — Windows Push Notifications Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.8 HIGH
CVE-2026-32157 — Remote Desktop Client Remote Code Execution Vulnerability

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.4 HIGH
CVE-2026-32156 — Windows UPnP Device Host Remote Code Execution Vulnerability

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32155 — Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32154 — Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32153 — Windows Speech Runtime Elevation of Privilege Vulnerability

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-32152 — Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
Showing 20 of 6616 Results