6.4
CVE-2026-21265 - Secure Boot Certificate Expiration Security Feature Bypass Vulnerability
Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes relaโฆ
4.4
CVE-2026-20962 - Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.
7.5
CVE-2025-37166 - Unexpected shutdown in HPE Instant On Access Points after processing specific packets
A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device processing a specially crafted packet could enter a non-responsive state, in some cases requiring a hard reset to re-establish services. A malicious actor could leverage this vulnerability to conducโฆ
7.5
CVE-2025-37165 - Exposure of VLAN information in unintended network interfaces
A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor could gain knowledge of internal network configuration details through inspecting impacted packets.
7.8
CVE-2025-10865 - GPU DDK - DevmemIntGetReservationData does not ref the PMR it returns
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present.
8.8
CVE-2025-58411 - GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentialโฆ
3.5
CVE-2025-58409 - GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical meโฆ
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerneโฆ
5.3
CVE-2025-62182 - Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file uโฆ
Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file.
7.5
CVE-2025-46685 -
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
6.2
CVE-2025-8090 - Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS fโฆ
Null pointer dereference in the MsgRegisterEvent() system call could allowย an attacker with local access and code execution abilities to crash theย QNX Neutrino kernel.