8.1
CVE-2026-26148 - Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability
External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally.
7.5
CVE-2026-23674 - MapUrlToZone Security Feature Bypass Vulnerability
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
7.8
CVE-2026-26134 - Microsoft Office Elevation of Privilege Vulnerability
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.
7.5
CVE-2026-26127 - .NET Denial of Service Vulnerability
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
7.8
CVE-2026-26132 - Windows Kernel Elevation of Privilege Vulnerability
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26131 - .NET Elevation of Privilege Vulnerability
Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-26128 - Windows SMB Server Elevation of Privilege Vulnerability
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
8.8
CVE-2026-26116 - SQL Server Elevation of Privilege Vulnerability
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
8.8
CVE-2026-26115 - SQL Server Elevation of Privilege Vulnerability
Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network.
7.5
CVE-2026-26121 - Azure IOT Explorer Spoofing Vulnerability
Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized attacker to perform spoofing over a network.