CVE-2026-42986
- EPSS 2.01%
- Veröffentlicht 09.06.2026 17:17:14
- Zuletzt bearbeitet 11.06.2026 16:02:27
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2026-42973
- EPSS 0.4%
- Veröffentlicht 09.06.2026 17:17:13
- Zuletzt bearbeitet 09.07.2026 00:17:09
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42905
- EPSS 2.01%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 11.06.2026 16:14:34
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-42906
- EPSS 0.4%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 11.06.2026 16:13:37
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
CVE-2026-42837
- EPSS 0.33%
- Veröffentlicht 09.06.2026 17:17:09
- Zuletzt bearbeitet 09.07.2026 00:17:06
Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-42903
- EPSS 0.9%
- Veröffentlicht 09.06.2026 17:17:09
- Zuletzt bearbeitet 11.06.2026 16:17:05
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.
- EPSS 0.23%
- Veröffentlicht 09.06.2026 17:17:05
- Zuletzt bearbeitet 10.06.2026 19:59:24
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- EPSS 1.25%
- Veröffentlicht 19.05.2026 23:30:26
- Zuletzt bearbeitet 20.05.2026 16:42:42
Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuin...
CVE-2026-40402
- EPSS 0.33%
- Veröffentlicht 12.05.2026 16:59:25
- Zuletzt bearbeitet 15.05.2026 15:23:40
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.
CVE-2026-40398
- EPSS 2.42%
- Veröffentlicht 12.05.2026 16:59:24
- Zuletzt bearbeitet 15.05.2026 15:27:39
Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.