Total CVEs

145,959

Critical Severity

4,294

High Severity

15,797

Last 7 Days

2,214
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 17,201 - 17,220 of 42,364 CVEs
CVE-2026-34350 MEDIUM - 6.5

Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to deny service over a network.

Vendor: microsoft
Product: windows_server_2025
Published: May 12, 2026
Source: NVD
CVE-2026-34347 HIGH - 7.0

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34345 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34344 HIGH - 7.8

Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34343 HIGH - 7.8

Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34342 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34341 HIGH - 7.0

Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34340 HIGH - 7.0

Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: May 12, 2026
Source: NVD
CVE-2026-34339 MEDIUM - 5.5

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34338 HIGH - 7.8

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34337 HIGH - 7.8

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: May 12, 2026
Source: NVD
CVE-2026-34336 HIGH - 7.8

Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34334 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34333 HIGH - 7.8

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34332 HIGH - 8.0

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_server_2025
Published: May 12, 2026
Source: NVD
CVE-2026-34331 HIGH - 7.0

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34330 HIGH - 7.8

Integer overflow or wraparound in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-34329 HIGH - 8.8

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.

Vendor: microsoft
Product: windows_10_1607
Published: May 12, 2026
Source: NVD
CVE-2026-33841 HIGH - 7.8

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_21h2
Published: May 12, 2026
Source: NVD
CVE-2026-33840 HIGH - 7.8

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_11_24h2
Published: May 12, 2026
Source: NVD