CVE-2026-26156
- EPSS 0.41%
- Veröffentlicht 14.04.2026 16:57:55
- Zuletzt bearbeitet 24.04.2026 20:00:49
Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.
- EPSS 0.23%
- Veröffentlicht 14.04.2026 16:57:54
- Zuletzt bearbeitet 24.04.2026 20:05:42
Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20928
- EPSS 0.43%
- Veröffentlicht 14.04.2026 16:57:51
- Zuletzt bearbeitet 24.04.2026 20:11:29
Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-32212
- EPSS 0.31%
- Veröffentlicht 14.04.2026 16:57:50
- Zuletzt bearbeitet 20.04.2026 14:55:12
Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
CVE-2026-33098
- EPSS 0.31%
- Veröffentlicht 14.04.2026 16:57:46
- Zuletzt bearbeitet 17.04.2026 19:26:07
Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-32217
- EPSS 0.42%
- Veröffentlicht 14.04.2026 16:57:38
- Zuletzt bearbeitet 20.04.2026 14:34:17
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32202
- EPSS 64.1%
- Veröffentlicht 14.04.2026 16:57:36
- Zuletzt bearbeitet 26.05.2026 20:00:21
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32183
- EPSS 0.62%
- Veröffentlicht 14.04.2026 16:57:32
- Zuletzt bearbeitet 20.04.2026 16:40:00
Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.
CVE-2026-0390
- EPSS 0.32%
- Veröffentlicht 14.04.2026 16:57:29
- Zuletzt bearbeitet 24.04.2026 20:17:13
Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.
CVE-2026-32157
- EPSS 0.78%
- Veröffentlicht 14.04.2026 16:57:26
- Zuletzt bearbeitet 07.05.2026 19:57:08
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.