Total CVEs

139,456

Critical Severity

3,644

High Severity

13,084

Last 7 Days

1,238
Quick preset (or use dates below)
Clear Filters
Showing 4,061 - 4,080 of 13,084 CVEs
CVE-2026-40413 HIGH - 7.4

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40410 HIGH - 7.0

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40408 HIGH - 7.8

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40407 HIGH - 7.8

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40406 HIGH - 7.5

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40405 HIGH - 7.5

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network.

Vendor: microsoft
Product: windows_11_24h2
Published: May 12, 2026
Source: NVD
CVE-2026-40403 HIGH - 8.8

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40401 HIGH - 7.1

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40399 HIGH - 7.8

Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40398 HIGH - 7.8

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40397 HIGH - 7.8

Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40382 HIGH - 7.8

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40381 HIGH - 7.8

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: azure_connected_machine_agent
Published: May 12, 2026
Source: NVD
CVE-2026-40377 HIGH - 7.8

Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-40370 HIGH - 8.8

External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.

Published: May 12, 2026
Source: NVD
CVE-2026-40369 HIGH - 7.8

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: May 12, 2026
Source: NVD
CVE-2026-40368 HIGH - 8.0

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: sharepoint_server
Published: May 12, 2026
Source: NVD
CVE-2026-40367 HIGH - 8.4

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: May 12, 2026
Source: NVD
CVE-2026-40366 HIGH - 8.4

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: May 12, 2026
Source: NVD
CVE-2026-40365 HIGH - 8.8

Insufficient granularity of access control in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: sharepoint_server
Published: May 12, 2026
Source: NVD