7
CVE-2026-20830 - Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.
9.8
CVE-2026-20963 - Microsoft SharePoint Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.
4.6
CVE-2026-20959 - Microsoft SharePoint Server Spoofing Vulnerability
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
7.8
CVE-2026-20956 - Microsoft Excel Remote Code Execution Vulnerability
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
CVE-2026-20955 - Microsoft Excel Remote Code Execution Vulnerability
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
8.4
CVE-2026-20953 - Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
CVE-2026-20951 - Microsoft SharePoint Server Remote Code Execution Vulnerability
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
7.8
CVE-2026-20946 - Microsoft Excel Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
8.4
CVE-2026-20944 - Microsoft Word Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
7
CVE-2026-20943 - Microsoft Office Click-To-Run Remote Code Execution Vulnerability
Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.