Total CVEs

138,585

Critical Severity

3,576

High Severity

12,840

Last 7 Days

2,006
Quick preset (or use dates below)
Clear Filters
Showing 1,301 - 1,320 of 12,840 CVEs
CVE-2026-45636 HIGH - 7.8

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45635 HIGH - 8.1

Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45607 HIGH - 8.4

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45605 HIGH - 7.8

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45603 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45601 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45600 HIGH - 7.8

Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-45599 HIGH - 8.1

Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45598 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45597 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in UI Automation Manager (uiamanager.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_23h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-45596 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45593 HIGH - 7.8

Use after free in Windows SDK allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-45592 HIGH - 7.8

Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45591 HIGH - 7.5

Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Vendor: nuget
Product: Microsoft.AspNetCore.App.Runtime.linux-x64
Published: Jun 09, 2026
Source: NVD
CVE-2026-45588 HIGH - 7.9

Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45586 HIGH - 7.8

Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-45583 HIGH - 7.5

Improper control of generation of code ('code injection') in Microsoft Exchange Server allows an unauthorized attacker to execute code over a network.

Published: Jun 09, 2026
Source: NVD
CVE-2026-45504 HIGH - 8.8

Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

Vendor: microsoft
Product: exchange_server
Published: Jun 09, 2026
Source: NVD
CVE-2026-45503 HIGH - 8.1

Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

Vendor: microsoft
Product: exchange_server
Published: Jun 09, 2026
Source: NVD
CVE-2026-45490 HIGH - 7.8

Improper authorization in .NET allows an authorized attacker to elevate privileges locally.

Published: Jun 09, 2026
Source: NVD