Total CVEs

143,793

Critical Severity

4,093

High Severity

14,778

Last 7 Days

1,509
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 20,941 - 20,960 of 40,198 CVEs
CVE-2026-32087 HIGH - 7.0

Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32086 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32085 MEDIUM - 5.5

Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32084 MEDIUM - 5.5

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32083 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32082 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32081 MEDIUM - 5.5

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32080 HIGH - 7.0

Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_server_2016
Published: Apr 14, 2026
Source: NVD
CVE-2026-32079 MEDIUM - 5.5

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32078 HIGH - 7.8

Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32077 HIGH - 7.8

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32076 HIGH - 7.8

Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_23h2
Published: Apr 14, 2026
Source: NVD
CVE-2026-32075 HIGH - 7.0

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32074 HIGH - 7.8

Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32073 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32072 MEDIUM - 6.2

Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32071 HIGH - 7.5

Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32070 HIGH - 7.0

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32069 HIGH - 7.8

Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32068 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD