Total CVEs

140,409

Critical Severity

3,747

High Severity

13,543

Last 7 Days

1,704
Quick preset (or use dates below)
Clear Filters
Showing 6,721 - 6,740 of 13,543 CVEs
CVE-2026-32093 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32091 HIGH - 8.4

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32090 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32089 HIGH - 7.8

Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32087 HIGH - 7.0

Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32086 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32083 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32082 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32080 HIGH - 7.0

Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_server_2016
Published: Apr 14, 2026
Source: NVD
CVE-2026-32078 HIGH - 7.8

Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Apr 14, 2026
Source: NVD
CVE-2026-32077 HIGH - 7.8

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32076 HIGH - 7.8

Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_23h2
Published: Apr 14, 2026
Source: NVD
CVE-2026-32075 HIGH - 7.0

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Apr 14, 2026
Source: NVD
CVE-2026-32074 HIGH - 7.8

Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32073 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32071 HIGH - 7.5

Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32070 HIGH - 7.0

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32069 HIGH - 7.8

Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-32068 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD
CVE-2026-27929 HIGH - 7.0

Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.

Published: Apr 14, 2026
Source: NVD