Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
31,416 matching · page 150/629Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2026-20937(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | Jan 13, 2026 |
| CVE-2026-20936(opens NVD record) | Medium | 4.3 | Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack. | Jan 13, 2026 |
| CVE-2026-20935(opens NVD record) | Medium | 6.2 | Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally. | Jan 13, 2026 |
| CVE-2026-20934(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | Jan 13, 2026 |
| CVE-2026-20932(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | Jan 13, 2026 |
| CVE-2026-20931(opens NVD record) | High | 8.0 | External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network. | Jan 13, 2026 |
| CVE-2026-20929(opens NVD record) | High | 7.5 | Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network. | Jan 13, 2026 |
| CVE-2026-20927(opens NVD record) | Medium | 5.3 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network. | Jan 13, 2026 |
| CVE-2026-20926(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | Jan 13, 2026 |
| CVE-2026-20925(opens NVD record) | Medium | 6.5 | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | Jan 13, 2026 |
| CVE-2026-20924(opens NVD record) | High | 7.8 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20923(opens NVD record) | High | 7.8 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20922(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. | Jan 13, 2026 |
| CVE-2026-20921(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | Jan 13, 2026 |
| CVE-2026-20920(opens NVD record) | High | 7.8 | Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20919(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | Jan 13, 2026 |
| CVE-2026-20918(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20877(opens NVD record) | High | 7.8 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20876(opens NVD record) | Medium | 6.7 | Heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20875(opens NVD record) | High | 7.5 | Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | Jan 13, 2026 |
| CVE-2026-20874(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20873(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20872(opens NVD record) | Medium | 6.5 | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | Jan 13, 2026 |
| CVE-2026-20871(opens NVD record) | High | 7.8 | Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20870(opens NVD record) | High | 7.8 | Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20869(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20868(opens NVD record) | High | 8.8 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | Jan 13, 2026 |
| CVE-2026-20867(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20866(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20865(opens NVD record) | High | 7.8 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20864(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20863(opens NVD record) | High | 7.0 | Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20862(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally. | Jan 13, 2026 |
| CVE-2026-20861(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20860(opens NVD record) | High | 7.8 | Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20859(opens NVD record) | High | 7.8 | Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20858(opens NVD record) | High | 7.8 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20857(opens NVD record) | High | 7.8 | Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20856(opens NVD record) | High | 8.1 | Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network. | Jan 13, 2026 |
| CVE-2026-20854(opens NVD record) | High | 7.5 | Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network. | Jan 13, 2026 |
| CVE-2026-20853(opens NVD record) | High | 7.4 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20852(opens NVD record) | High | 7.7 | Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally. | Jan 13, 2026 |
| CVE-2026-20851(opens NVD record) | Medium | 6.2 | Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally. | Jan 13, 2026 |
| CVE-2026-20849(opens NVD record) | High | 7.5 | Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network. | Jan 13, 2026 |
| CVE-2026-20848(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | Jan 13, 2026 |
| CVE-2026-20847(opens NVD record) | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network. | Jan 13, 2026 |
| CVE-2026-20844(opens NVD record) | High | 7.4 | Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20843(opens NVD record) | High | 7.8 | Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20842(opens NVD record) | High | 7.0 | Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. | Jan 13, 2026 |
| CVE-2026-20840(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. | Jan 13, 2026 |