Total CVEs

138,754

Critical Severity

3,601

High Severity

12,905

Last 7 Days

1,541
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 3,421 - 3,440 of 35,159 CVEs
CVE-2026-42989 HIGH - 7.8

Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42987 HIGH - 8.1

Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_server_2012
Published: Jun 09, 2026
Source: NVD
CVE-2026-42986 HIGH - 7.8

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42985 HIGH - 8.8

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: remote_desktop_client
Published: Jun 09, 2026
Source: NVD
CVE-2026-42984 HIGH - 7.0

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42983 HIGH - 7.8

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42981 HIGH - 8.1

Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_11_23h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-42980 HIGH - 7.8

Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42979 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42978 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42977 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42974 HIGH - 8.1

Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_11_23h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-42973 MEDIUM - 5.5

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42972 MEDIUM - 5.5

Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42971 MEDIUM - 5.5

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42970 MEDIUM - 5.5

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42969 MEDIUM - 5.5

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42968 MEDIUM - 5.5

Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42916 HIGH - 7.8

Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42915 MEDIUM - 5.7

Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service over an adjacent network.

Vendor: microsoft
Product: windows_10_21h2
Published: Jun 09, 2026
Source: NVD