CVE-2026-42905
- EPSS 2.01%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 11.06.2026 16:14:34
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-42906
- EPSS 0.4%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 11.06.2026 16:13:37
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
CVE-2026-42907
- EPSS 0.82%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 09.07.2026 00:17:07
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.
CVE-2026-42909
- EPSS 0.4%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 09.07.2026 00:17:07
Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42910
- EPSS 0.29%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 11.06.2026 19:46:59
Out-of-bounds write in Windows Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally.
CVE-2026-42829
- EPSS 0.29%
- Veröffentlicht 09.06.2026 17:17:09
- Zuletzt bearbeitet 11.06.2026 17:02:07
Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.
- EPSS 0.2%
- Veröffentlicht 09.06.2026 17:17:09
- Zuletzt bearbeitet 11.06.2026 17:01:24
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-42837
- EPSS 0.33%
- Veröffentlicht 09.06.2026 17:17:09
- Zuletzt bearbeitet 09.07.2026 00:17:06
Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-42903
- EPSS 0.9%
- Veröffentlicht 09.06.2026 17:17:09
- Zuletzt bearbeitet 11.06.2026 16:17:05
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.
CVE-2026-42904
- EPSS 0.44%
- Veröffentlicht 09.06.2026 17:17:09
- Zuletzt bearbeitet 11.06.2026 16:15:55
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.