7.8
CVE-2026-26181 - Microsoft Brokering File System Elevation of Privilege Vulnerability
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26180 - Windows Kernel Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26179 - Windows Kernel Elevation of Privilege Vulnerability
Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.
4.6
CVE-2026-26175 - Windows Boot Manager Security Feature Bypass Vulnerability
Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack.
7
CVE-2026-26174 - Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
8.8
CVE-2026-26167 - Windows Push Notifications Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
7
CVE-2026-26166 - Windows Shell Elevation of Privilege Vulnerability
Double free in Windows Shell allows an authorized attacker to elevate privileges locally.
7
CVE-2026-26165 - Windows Shell Elevation of Privilege Vulnerability
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26162 - Windows OLE Elevation of Privilege Vulnerability
Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26161 - Windows Sensor Data Service Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.