Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
29,995 matching · page 50/600Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2026-44810(opens NVD record) | High | 8.4 | Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-44809(opens NVD record) | High | 7.8 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-44808(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-44807(opens NVD record) | High | 7.8 | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-44805(opens NVD record) | Medium | 5.5 | Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally. | Jun 9, 2026 |
| CVE-2026-44804(opens NVD record) | High | 7.8 | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-44803(opens NVD record) | High | 7.8 | Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | Jun 9, 2026 |
| CVE-2026-44802(opens NVD record) | High | 7.8 | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-44801(opens NVD record) | High | 7.5 | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-44799(opens NVD record) | High | 7.5 | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42993(opens NVD record) | High | 7.5 | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42992(opens NVD record) | High | 7.5 | Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42991(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42989(opens NVD record) | High | 7.8 | Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42987(opens NVD record) | High | 8.1 | Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42986(opens NVD record) | High | 7.8 | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42985(opens NVD record) | High | 8.8 | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42984(opens NVD record) | High | 7.0 | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42983(opens NVD record) | High | 7.8 | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42981(opens NVD record) | High | 8.1 | Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42980(opens NVD record) | High | 7.8 | Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42979(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42978(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42977(opens NVD record) | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42974(opens NVD record) | High | 8.1 | Integer overflow or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42973(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42972(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42971(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42970(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42969(opens NVD record) | Medium | 5.5 | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42968(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42916(opens NVD record) | High | 7.8 | Integer overflow or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42915(opens NVD record) | Medium | 5.5 | Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally. | Jun 9, 2026 |
| CVE-2026-42914(opens NVD record) | Medium | 5.3 | Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network. | Jun 9, 2026 |
| CVE-2026-42913(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42912(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42911(opens NVD record) | High | 7.0 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42910(opens NVD record) | High | 7.8 | Out-of-bounds write in Windows Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42909(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42908(opens NVD record) | High | 7.5 | Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. | Jun 9, 2026 |
| CVE-2026-42907(opens NVD record) | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network. | Jun 9, 2026 |
| CVE-2026-42906(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42905(opens NVD record) | High | 7.8 | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42904(opens NVD record) | Critical | 9.6 | Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network. | Jun 9, 2026 |
| CVE-2026-42903(opens NVD record) | Medium | 6.5 | Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network. | Jun 9, 2026 |
| CVE-2026-42902(opens NVD record) | High | 7.8 | Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42837(opens NVD record) | High | 7.8 | Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42836(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42835(opens NVD record) | High | 8.1 | Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information over a network. | Jun 9, 2026 |
| CVE-2026-42829(opens NVD record) | High | 7.8 | Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally. | Jun 9, 2026 |