Total CVEs

143,793

Critical Severity

4,093

High Severity

14,778

Last 7 Days

1,509
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 20,961 - 20,980 of 40,198 CVEs
CVE-2026-27931 MEDIUM - 5.5

Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27930 MEDIUM - 5.5

Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27929 HIGH - 7.0

Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27928 HIGH - 8.7

Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27927 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27926 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27925 MEDIUM - 6.5

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27924 HIGH - 7.8

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27923 HIGH - 7.8

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27922 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27921 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27920 HIGH - 7.8

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27919 HIGH - 7.8

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27918 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27917 HIGH - 7.0

Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27916 HIGH - 7.8

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27915 HIGH - 7.8

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27914 HIGH - 7.8

Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27913 HIGH - 7.7

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27912 HIGH - 8.0

Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.

Published: Apr 14, 2026
Source: NVD