7.8
CVE-2026-26168 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26163 - Windows Kernel Elevation of Privilege Vulnerability
Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26159 - Remote Desktop Licensing Service Elevation of Privilege Vulnerability
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26156 - Windows Hyper-V Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.
7.8
CVE-2026-26153 - Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability
Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.
7
CVE-2026-26152 - Microsoft Cryptographic Services Elevation of Privilege Vulnerability
Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26143 - Microsoft PowerShell Security Feature Bypass Vulnerability
Improper input validation in Microsoft PowerShell allows an unauthorized attacker to bypass a security feature locally.
7.5
CVE-2026-23666 - .NET Framework Denial of Service Vulnerability
Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.
7.8
CVE-2026-23657 - Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
5.5
CVE-2026-20806 - Windows COM Server Information Disclosure Vulnerability
Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.