Total CVEs

143,793

Critical Severity

4,093

High Severity

14,778

Last 7 Days

1,512
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 20,921 - 20,940 of 40,198 CVEs
CVE-2026-32164 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32163 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32162 HIGH - 8.4

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32160 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32159 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32158 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32157 HIGH - 8.8

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32156 HIGH - 7.4

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32155 HIGH - 7.8

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_21h2
Published: Apr 14, 2026
Source: NVD
CVE-2026-32154 HIGH - 7.8

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32153 HIGH - 7.8

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32152 HIGH - 7.8

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32151 MEDIUM - 6.5

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32150 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32149 HIGH - 7.3

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32093 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32091 HIGH - 8.4

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32090 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32089 HIGH - 7.8

Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32088 MEDIUM - 6.1

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD