8.4
CVE-2026-20952 - Microsoft Office Remote Code Execution Vulnerability
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
7.8
CVE-2026-20950 - Microsoft Excel Remote Code Execution Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
7.8
CVE-2026-20949 - Microsoft Excel Security Feature Bypass Vulnerability
Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
7.8
CVE-2026-20948 - Microsoft Word Remote Code Execution Vulnerability
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
5.5
CVE-2026-20939 - Windows File Explorer Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
5.5
CVE-2026-20937 - Windows File Explorer Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
4.3
CVE-2026-20936 - Windows NDIS Information Disclosure Vulnerability
Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.
6.2
CVE-2026-20935 - Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
8
CVE-2026-20931 - Windows Telephony Service Elevation of Privilege Vulnerability
External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.
7.5
CVE-2026-20929 - Windows HTTP.sys Elevation of Privilege Vulnerability
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.