Total CVEs

141,249

Critical Severity

3,795

High Severity

13,708

Last 7 Days

2,254
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 11,401 - 11,420 of 13,404 CVEs
CVE-2026-21537 HIGH - 8.8

Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.

Vendor: microsoft
Product: defender_for_endpoint
Published: Feb 10, 2026
Source: NVD
CVE-2026-21533 HIGH - 7.8

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21523 HIGH - 8.0

Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: visual_studio_code
Published: Feb 10, 2026
Source: NVD
CVE-2026-21519 HIGH - 7.8

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21517 HIGH - 7.0

Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally.

Published: Feb 10, 2026
Source: NVD
CVE-2026-21516 HIGH - 8.8

Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: github_copilot
Published: Feb 10, 2026
Source: NVD
CVE-2026-21514 HIGH - 7.8

Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: 365_apps
Published: Feb 10, 2026
Source: NVD
CVE-2026-21513 HIGH - 8.8

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21511 HIGH - 7.5

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

Vendor: microsoft
Product: 365_apps
Published: Feb 10, 2026
Source: NVD
CVE-2026-21510 HIGH - 8.8

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21508 HIGH - 7.0

Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21357 HIGH - 7.8

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: InDesign Desktop
Published: Feb 10, 2026
Source: NVD
CVE-2026-21351 HIGH - 7.8

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: After Effects
Published: Feb 10, 2026
Source: NVD
CVE-2026-21335 HIGH - 7.8

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: Substance3D - Designer
Published: Feb 10, 2026
Source: NVD
CVE-2026-21334 HIGH - 7.8

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: Substance3D - Designer
Published: Feb 10, 2026
Source: NVD
CVE-2026-21330 HIGH - 7.8

After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus...

Vendor: Adobe
Product: After Effects
Published: Feb 10, 2026
Source: NVD
CVE-2026-21329 HIGH - 7.8

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: After Effects
Published: Feb 10, 2026
Source: NVD
CVE-2026-21328 HIGH - 7.8

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: After Effects
Published: Feb 10, 2026
Source: NVD
CVE-2026-21327 HIGH - 7.8

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: After Effects
Published: Feb 10, 2026
Source: NVD
CVE-2026-21326 HIGH - 7.8

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vendor: Adobe
Product: After Effects
Published: Feb 10, 2026
Source: NVD