Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.9 HIGH
CVE-2026-48576 — Secure Boot Security Feature Bypass Vulnerability

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.9 HIGH
CVE-2026-48575 — Secure Boot Security Feature Bypass Vulnerability

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-48574 — Windows Media Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.9 HIGH
CVE-2026-48573 — Secure Boot Security Feature Bypass Vulnerability

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.9 HIGH
CVE-2026-48570 — Secure Boot Security Feature Bypass Vulnerability

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.1 HIGH
CVE-2026-48569 — Visual Studio Code Security Feature Bypass Vulnerability

Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

visual_studio_code
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.9 HIGH
CVE-2026-48568 — Secure Boot Security Feature Bypass Vulnerability

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 windows_11 +1 more
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.5 MEDIUM
CVE-2026-48566 — Windows DWM Core Library Information Disclosure Vulnerability

Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.

windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.8 HIGH
CVE-2026-48565 — Windows Narrator Braille Elevation of Privilege Vulnerability

Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.

Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
7.5 HIGH
CVE-2026-48563 — Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

windows_10 windows_server_2019 windows_server_2022 windows_11 windows_server_2025
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.6 MEDIUM
CVE-2026-48562 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-48560 — Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

sharepoint_enterprise_server_2016 sharepoint_server_2019
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-48304 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma…

experience_manager | Remote | Cross-Site Scripting
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-48301 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma…

experience_manager | Remote | Cross-Site Scripting
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-48300 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma…

experience_manager | Remote | Cross-Site Scripting
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-48299 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma…

experience_manager | Remote | Cross-Site Scripting
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-48297 — Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject ma…

experience_manager | Remote | Cross-Site Scripting
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
3.5 LOW
CVE-2026-48289 — Adobe Experience Manager | Improper Input Validation (CWE-20)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged atta…

experience_manager | Remote | Authentication
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
3.5 LOW
CVE-2026-48288 — Adobe Experience Manager | Improper Input Validation (CWE-20)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged atta…

experience_manager | Remote | Authorization
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.4 MEDIUM
CVE-2026-48280 — Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D…

experience_manager | Remote | Cross-Site Scripting
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
Showing 20 of 7486 Results