5.4
CVE-2026-20958 - Microsoft SharePoint Information Disclosure Vulnerability
Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network.
7.8
CVE-2026-20957 - Microsoft Excel Remote Code Execution Vulnerability
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
8.4
CVE-2026-20952 - Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
CVE-2026-20950 - Microsoft Excel Remote Code Execution Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
CVE-2026-20949 - Microsoft Excel Security Feature Bypass Vulnerability
Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
7.8
CVE-2026-20948 - Microsoft Word Remote Code Execution Vulnerability
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
5.5
CVE-2026-20939 - Windows File Explorer Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
5.5
CVE-2026-20937 - Windows File Explorer Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
4.3
CVE-2026-20936 - Windows NDIS Information Disclosure Vulnerability
Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.
6.2
CVE-2026-20935 - Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.