Total CVEs

138,585

Critical Severity

3,576

High Severity

12,840

Last 7 Days

1,971
Quick preset (or use dates below)
Clear Filters
Showing 1,361 - 1,380 of 12,840 CVEs
CVE-2026-42987 HIGH - 8.1

Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_server_2012
Published: Jun 09, 2026
Source: NVD
CVE-2026-42986 HIGH - 7.8

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42985 HIGH - 8.8

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: remote_desktop_client
Published: Jun 09, 2026
Source: NVD
CVE-2026-42984 HIGH - 7.0

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42983 HIGH - 7.8

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42981 HIGH - 8.1

Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_11_23h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-42980 HIGH - 7.8

Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42979 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42978 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42977 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42974 HIGH - 8.1

Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_11_23h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-42916 HIGH - 7.8

Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42913 HIGH - 7.5

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Published: Jun 09, 2026
Source: NVD
CVE-2026-42912 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42911 HIGH - 7.0

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42910 HIGH - 7.8

Out-of-bounds write in Windows Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-42909 HIGH - 7.5

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: remote_desktop_client
Published: Jun 09, 2026
Source: NVD
CVE-2026-42908 HIGH - 7.5

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

Published: Jun 09, 2026
Source: NVD
CVE-2026-42905 HIGH - 7.8

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42902 HIGH - 7.8

Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: powertoys
Published: Jun 09, 2026
Source: NVD