Total CVEs

142,265

Critical Severity

3,947

High Severity

14,217

Last 7 Days

1,919
Quick preset (or use dates below)
Clear Filters
Showing 11,941 - 11,960 of 14,217 CVEs
CVE-2026-21255 HIGH - 8.8

Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21253 HIGH - 7.0

Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21251 HIGH - 7.8

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_server_2016
Published: Feb 10, 2026
Source: NVD
CVE-2026-21250 HIGH - 7.8

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: Feb 10, 2026
Source: NVD
CVE-2026-21248 HIGH - 7.3

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21247 HIGH - 7.3

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21246 HIGH - 7.8

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21245 HIGH - 7.8

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: Feb 10, 2026
Source: NVD
CVE-2026-21244 HIGH - 7.3

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21243 HIGH - 7.5

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

Vendor: microsoft
Product: windows_server_2019
Published: Feb 10, 2026
Source: NVD
CVE-2026-21242 HIGH - 7.0

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_21h2
Published: Feb 10, 2026
Source: NVD
CVE-2026-21241 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_23h2
Published: Feb 10, 2026
Source: NVD
CVE-2026-21240 HIGH - 7.8

Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Feb 10, 2026
Source: NVD
CVE-2026-21239 HIGH - 7.8

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21238 HIGH - 7.8

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21237 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_21h2
Published: Feb 10, 2026
Source: NVD
CVE-2026-21236 HIGH - 7.8

Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21235 HIGH - 7.3

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Feb 10, 2026
Source: NVD
CVE-2026-21234 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Feb 10, 2026
Source: NVD
CVE-2026-21232 HIGH - 7.8

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_23h2
Published: Feb 10, 2026
Source: NVD