Total CVEs

138,943

Critical Severity

3,617

High Severity

12,982

Last 7 Days

935
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 6,141 - 6,160 of 12,679 CVEs
CVE-2026-32183 HIGH - 7.8

Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32178 HIGH - 7.5

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.

Vendor: nuget
Product: Microsoft.NetCore.App.Runtime.linux-arm
Published: Apr 14, 2026
Source: NVD
CVE-2026-32171 HIGH - 8.8

Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32168 HIGH - 7.8

Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32165 HIGH - 7.8

Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32164 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32163 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32162 HIGH - 8.4

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32160 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32159 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32158 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32157 HIGH - 8.8

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32156 HIGH - 7.4

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32155 HIGH - 7.8

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_21h2
Published: Apr 14, 2026
Source: NVD
CVE-2026-32154 HIGH - 7.8

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32153 HIGH - 7.8

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32152 HIGH - 7.8

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32150 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32149 HIGH - 7.3

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32093 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD