Total CVEs

140,339

Critical Severity

3,747

High Severity

13,518

Last 7 Days

1,774
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 9,381 - 9,400 of 13,215 CVEs
CVE-2026-26134 HIGH - 7.8

Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: office
Published: Mar 10, 2026
Source: NVD
CVE-2026-26132 HIGH - 7.8

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Published: Mar 10, 2026
Source: NVD
CVE-2026-26131 HIGH - 7.8

Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.

Vendor: nuget
Product: Microsoft.NetCore.App.Runtime.linux-arm
Published: Mar 10, 2026
Source: NVD
CVE-2026-26130 HIGH - 7.5

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Vendor: nuget
Product: Microsoft.AspNetCore.App.Runtime.linux-arm
Published: Mar 10, 2026
Source: NVD
CVE-2026-26128 HIGH - 7.8

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

Published: Mar 10, 2026
Source: NVD
CVE-2026-26127 HIGH - 7.5

Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.

Vendor: nuget
Product: Microsoft.Bcl.Memory
Published: Mar 10, 2026
Source: NVD
CVE-2026-26121 HIGH - 7.5

Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network.

Vendor: microsoft
Product: azure_iot_explorer
Published: Mar 10, 2026
Source: NVD
CVE-2026-26118 HIGH - 8.8

Azure MCP Server has Server-Side Request Forgery issue that allows authorized attacker to elevate privileges over a network

Vendor: nuget
Product: Azure.Mcp
Published: Mar 10, 2026
Source: NVD
CVE-2026-26117 HIGH - 7.8

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: arc_enabled_servers_azure_connected_machine_agent
Published: Mar 10, 2026
Source: NVD
CVE-2026-26116 HIGH - 8.8

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: sql_server_2016
Published: Mar 10, 2026
Source: NVD
CVE-2026-26115 HIGH - 8.8

Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: sql_server_2016
Published: Mar 10, 2026
Source: NVD
CVE-2026-26114 HIGH - 8.8

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: sharepoint_server
Published: Mar 10, 2026
Source: NVD
CVE-2026-26113 HIGH - 8.4

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: Mar 10, 2026
Source: NVD
CVE-2026-26112 HIGH - 7.8

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: Mar 10, 2026
Source: NVD
CVE-2026-26111 HIGH - 8.8

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_server_2012
Published: Mar 10, 2026
Source: NVD
CVE-2026-26110 HIGH - 8.4

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: Mar 10, 2026
Source: NVD
CVE-2026-26109 HIGH - 8.4

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: Mar 10, 2026
Source: NVD
CVE-2026-26108 HIGH - 7.8

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: Mar 10, 2026
Source: NVD
CVE-2026-26107 HIGH - 7.8

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: 365_apps
Published: Mar 10, 2026
Source: NVD
CVE-2026-26106 HIGH - 8.8

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: sharepoint_server
Published: Mar 10, 2026
Source: NVD