Total CVEs

137,241

Critical Severity

3,307

High Severity

12,254

Last 7 Days

1,423
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,901 - 1,920 of 33,646 CVEs
CVE-2026-44803 HIGH - 7.8

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

Published: Jun 09, 2026
Source: NVD
CVE-2026-44802 HIGH - 7.8

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-44801 HIGH - 7.5

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: remote_desktop_client
Published: Jun 09, 2026
Source: NVD
CVE-2026-44799 HIGH - 7.5

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: remote_desktop_client
Published: Jun 09, 2026
Source: NVD
CVE-2026-42993 HIGH - 7.5

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_10_21h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-42992 HIGH - 7.5

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_app
Published: Jun 09, 2026
Source: NVD
CVE-2026-42991 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42989 HIGH - 7.8

Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42987 HIGH - 8.1

Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_server_2012
Published: Jun 09, 2026
Source: NVD
CVE-2026-42986 HIGH - 7.8

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42985 HIGH - 8.8

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: remote_desktop_client
Published: Jun 09, 2026
Source: NVD
CVE-2026-42984 HIGH - 7.0

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42983 HIGH - 7.8

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42981 HIGH - 8.1

Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_11_23h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-42980 HIGH - 7.8

Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD
CVE-2026-42979 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42978 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42977 HIGH - 7.8

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Vendor: microsoft
Product: windows_10_1809
Published: Jun 09, 2026
Source: NVD
CVE-2026-42974 HIGH - 8.1

Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

Vendor: microsoft
Product: windows_11_23h2
Published: Jun 09, 2026
Source: NVD
CVE-2026-42973 MEDIUM - 5.5

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Vendor: microsoft
Product: windows_10_1607
Published: Jun 09, 2026
Source: NVD