CVE-2026-32183
- EPSS 0.62%
- Veröffentlicht 14.04.2026 16:57:32
- Zuletzt bearbeitet 20.04.2026 16:40:00
Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.
CVE-2026-32181
- EPSS 0.42%
- Veröffentlicht 14.04.2026 16:57:31
- Zuletzt bearbeitet 26.05.2026 19:16:25
Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
CVE-2026-32165
- EPSS 0.2%
- Veröffentlicht 14.04.2026 16:57:29
- Zuletzt bearbeitet 20.04.2026 16:42:08
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-32160
- EPSS 0.2%
- Veröffentlicht 14.04.2026 16:57:28
- Zuletzt bearbeitet 20.04.2026 18:15:39
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32158
- EPSS 0.2%
- Veröffentlicht 14.04.2026 16:57:27
- Zuletzt bearbeitet 20.04.2026 18:21:02
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32159
- EPSS 0.2%
- Veröffentlicht 14.04.2026 16:57:27
- Zuletzt bearbeitet 20.04.2026 18:19:16
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32157
- EPSS 0.78%
- Veröffentlicht 14.04.2026 16:57:26
- Zuletzt bearbeitet 07.05.2026 19:57:08
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-32154
- EPSS 0.38%
- Veröffentlicht 14.04.2026 16:57:25
- Zuletzt bearbeitet 01.06.2026 16:25:38
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32156
- EPSS 0.29%
- Veröffentlicht 14.04.2026 16:57:25
- Zuletzt bearbeitet 23.04.2026 14:51:17
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.
- EPSS 1.12%
- Veröffentlicht 14.04.2026 16:57:24
- Zuletzt bearbeitet 20.04.2026 18:27:30
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.