Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.3 MEDIUM
CVE-2026-42914 — Windows Kerberos Denial of Service Vulnerability

Windows Kerberos Denial of Service Vulnerability

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.5 HIGH
CVE-2026-42913 — Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

windows_server_2022 windows_11 remote_desktop windows_11_23h2 windows_11_24h2 windows_server_2025 +2 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-42912 — Windows Telephony Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-42911 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42910 — Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability

Out-of-bounds write in Windows Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally.

windows_11 windows_11_24h2 windows_server_2025 windows_11_25h2 windows_11_26h1
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.5 HIGH
CVE-2026-42909 — Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.5 HIGH
CVE-2026-42908 — Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +11 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
6.5 MEDIUM
CVE-2026-42907 — Windows Shell Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

windows_10 windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +6 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.5 MEDIUM
CVE-2026-42906 — Windows Shell Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

windows_10 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11 windows_11_23h2 +4 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42905 — Windows DWM Core Library Elevation of Privilege Vulnerability

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
9.6 CRITICAL
CVE-2026-42904 — Windows TCP/IP Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.

windows_10 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11 windows_11_23h2 +4 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
6.5 MEDIUM
CVE-2026-42903 — Windows Kerberos Denial of Service Vulnerability

Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42902 — Microsoft PowerToys Elevation of Privilege Vulnerability

Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally.

power_toys
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42837 — Windows Projected File System Elevation of Privilege Vulnerability

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +6 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.0 HIGH
CVE-2026-42836 — Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +10 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.1 HIGH
CVE-2026-42835 — Microsoft Teams for Android Information Disclosure Vulnerability

Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information over a network.

teams
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42829 — Windows Administrator Protection Secure Feature Bypass Vulnerability

Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.

windows_11 windows_11_24h2 windows_11_25h2 windows_11_26h1
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-42828 — Windows Projected File System Elevation of Privilege Vulnerability

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.

windows_10 windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 +6 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
6.2 MEDIUM
CVE-2026-42771 — Possible Out of Bounds Read in X509_VERIFY_PARAM_set1_email()

Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Imp…

openssl | Memory Corruption
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
3.7 LOW
CVE-2026-42770 — FFC-DH Peer Validation Uses Attacker-Supplied q

Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which present…

openssl | Remote | Cryptography
Jun 09, 2026 Jun 10, 2026
Jun 09, 2026
Jun 10, 2026
Showing 20 of 7594 Results