Total CVEs

138,585

Critical Severity

3,576

High Severity

12,840

Last 7 Days

2,007
Quick preset (or use dates below)
Clear Filters
Showing 1,261 - 1,280 of 12,840 CVEs
CVE-2026-49160 HIGH - 7.5

Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48583 HIGH - 7.8

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48578 HIGH - 7.9

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48576 HIGH - 7.9

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48575 HIGH - 7.9

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48574 HIGH - 7.8

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48573 HIGH - 7.9

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48570 HIGH - 7.9

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48569 HIGH - 7.1

Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: visual_studio_code
Published: Jun 09, 2026
Source: NVD
CVE-2026-48568 HIGH - 7.9

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-48565 HIGH - 7.8

Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_narrator_braille
Published: Jun 09, 2026
Source: NVD
CVE-2026-48563 HIGH - 7.5

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-47656 HIGH - 7.9

Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-47654 HIGH - 7.5

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_server_2016
Published: Jun 09, 2026
Source: NVD
CVE-2026-47653 HIGH - 8.8

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-47652 HIGH - 8.2

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: windows_11_23h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-47648 HIGH - 7.0

Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-47635 HIGH - 8.4

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: office_2024
Published: Jun 09, 2026
Source: NVD
CVE-2026-47634 HIGH - 7.3

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Vendor: microsoft
Product: sharepoint_server
Published: Jun 09, 2026
Source: NVD
CVE-2026-47631 HIGH - 8.1

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Vendor: microsoft
Product: exchange_server
Published: Jun 09, 2026
Source: NVD