Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-27925 — Windows UPnP Device Host Information Disclosure Vulnerability

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27924 — Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27923 — Desktop Window Manager Elevation of Privilege Vulnerability

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.0 HIGH
CVE-2026-27922 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.0 HIGH
CVE-2026-27921 — Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27920 — Windows UPnP Device Host Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27919 — Windows UPnP Device Host Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27918 — Windows Shell Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.0 HIGH
CVE-2026-27917 — Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerabi…

Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27916 — Windows UPnP Device Host Elevation of Privilege Vulnerability

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27915 — Windows UPnP Device Host Elevation of Privilege Vulnerability

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27914 — Microsoft Management Console Elevation of Privilege Vulnerability

Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.7 HIGH
CVE-2026-27913 — Windows BitLocker Security Feature Bypass Vulnerability

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
8.0 HIGH
CVE-2026-27912 — Windows Kerberos Elevation of Privilege Vulnerability

Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27911 — Windows User Interface Core Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27910 — Windows Installer Elevation of Privilege Vulnerability

Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27909 — Windows Search Service Elevation of Privilege Vulnerability

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.0 HIGH
CVE-2026-27908 — Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
7.8 HIGH
CVE-2026-27907 — Windows Storage Spaces Controller Elevation of Privilege Vulnerability

Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
4.4 MEDIUM
CVE-2026-27906 — Windows Hello Security Feature Bypass Vulnerability

Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.

Apr 14, 2026 Apr 14, 2026
Apr 14, 2026
Apr 14, 2026
Showing 20 of 6642 Results