Total CVEs

138,502

Critical Severity

3,573

High Severity

12,821

Last 7 Days

2,013
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 3,801 - 3,820 of 12,518 CVEs
CVE-2026-40407 HIGH - 7.8

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40406 HIGH - 7.5

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40405 HIGH - 7.5

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network.

Vendor: microsoft
Product: windows_11_24h2
Published: May 12, 2026
Source: NVD
CVE-2026-40403 HIGH - 8.8

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40401 HIGH - 7.1

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40399 HIGH - 7.8

Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40398 HIGH - 7.8

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40397 HIGH - 7.8

Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40382 HIGH - 7.8

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40381 HIGH - 7.8

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: azure_connected_machine_agent
Published: May 12, 2026
Source: NVD
CVE-2026-40377 HIGH - 7.8

Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40370 HIGH - 8.8

External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.

Published: May 12, 2026
Source: NVD
CVE-2026-40369 HIGH - 7.8

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: May 12, 2026
Source: NVD
CVE-2026-40368 HIGH - 8.0

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: sharepoint_server
Published: May 12, 2026
Source: NVD
CVE-2026-40367 HIGH - 8.4

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: May 12, 2026
Source: NVD
CVE-2026-40366 HIGH - 8.4

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: May 12, 2026
Source: NVD
CVE-2026-40365 HIGH - 8.8

Insufficient granularity of access control in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: sharepoint_server
Published: May 12, 2026
Source: NVD
CVE-2026-40364 HIGH - 8.4

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: May 12, 2026
Source: NVD
CVE-2026-40363 HIGH - 8.4

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: May 12, 2026
Source: NVD
CVE-2026-40362 HIGH - 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: May 12, 2026
Source: NVD