7.3
CVE-2026-21235 - Windows Graphics Component Elevation of Privilege Vulnerability
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
7
CVE-2026-21242 - Windows Subsystem for Linux Elevation of Privilege Vulnerability
Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
7.8
CVE-2026-21246 - Windows Graphics Component Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
7.3
CVE-2026-21247 - Windows Hyper-V Remote Code Execution Vulnerability
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
7.3
CVE-2026-21248 - Windows Hyper-V Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
7.5
CVE-2026-21260 - Microsoft Outlook Spoofing Vulnerability
Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.
5.5
CVE-2026-21258 - Microsoft Excel Information Disclosure Vulnerability
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
7.8
CVE-2026-21259 - Microsoft Excel Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
6.5
CVE-2026-21512 - Azure DevOps Server Cross-Site Scripting Vulnerability
Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network.
4.7
CVE-2026-21517 - Windows App for Mac Installer Elevation of Privilege Vulnerability
Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally.