7.8
CVE-2026-20857 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
8.1
CVE-2026-20856 - Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
7.7
CVE-2026-20852 - Windows Hello Tampering Vulnerability
Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.
6.2
CVE-2026-20851 - Capability Access Management Service (camsvc) Information Disclosure Vulnerability
Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally.
6.5
CVE-2026-20847 - Microsoft Windows File Explorer Spoofing Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network.
7.4
CVE-2026-20844 - Windows Clipboard Server Elevation of Privilege Vulnerability
Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.
7
CVE-2026-20842 - Microsoft DWM Core Library Elevation of Privilege Vulnerability
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-20840 - Windows NTFS Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
5.5
CVE-2026-20839 - Windows Client-Side Caching (CSC) Service Information Disclosure Vulnerability
Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally.
5.5
CVE-2026-20838 - Windows Kernel Information Disclosure Vulnerability
Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.