Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.8 HIGH
CVE-2026-47653 — Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.2 HIGH
CVE-2026-47652 — Windows Hyper-V Remote Code Execution Vulnerability

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-47648 — Windows Storage Elevation of Privilege Vulnerability

Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
9.8 CRITICAL
CVE-2026-47643 — Azure Stack Edge Remote Code Execution Vulnerability

External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network.

azure_stack_edge
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.6 MEDIUM
CVE-2026-47641 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.6 MEDIUM
CVE-2026-47640 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-47639 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.6 MEDIUM
CVE-2026-47638 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.6 MEDIUM
CVE-2026-47637 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-47636 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.4 HIGH
CVE-2026-47635 — Microsoft Outlook and Word Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.3 HIGH
CVE-2026-47634 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.1 HIGH
CVE-2026-47631 — Microsoft Exchange Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.0 HIGH
CVE-2026-47298 — Microsoft SharePoint Server Remote Code Execution Vulnerability

Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-47293 — Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.

office_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-47292 — Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.

Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
9.8 CRITICAL
CVE-2026-47291 — HTTP.sys Remote Code Execution Vulnerability

Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.8 HIGH
CVE-2026-47289 — Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +2 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.1 HIGH
CVE-2026-47288 — Windows Kerberos Key Distribution Center (KDC) Remote Code Execution

Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network.

windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
6.5 MEDIUM
CVE-2026-47287 — Visual Studio Code Tampering Vulnerability

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network.

visual_studio_code
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
Showing 20 of 7424 Results