CVE-2026-42970
- EPSS 0.4%
- Veröffentlicht 09.06.2026 17:17:12
- Zuletzt bearbeitet 09.07.2026 00:17:08
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42971
- EPSS 0.46%
- Veröffentlicht 09.06.2026 17:17:12
- Zuletzt bearbeitet 09.07.2026 00:17:08
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42972
- EPSS 0.46%
- Veröffentlicht 09.06.2026 17:17:12
- Zuletzt bearbeitet 10.06.2026 19:55:47
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.
- EPSS 0.23%
- Veröffentlicht 09.06.2026 17:17:11
- Zuletzt bearbeitet 11.06.2026 19:47:48
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- EPSS 0.21%
- Veröffentlicht 09.06.2026 17:17:11
- Zuletzt bearbeitet 11.06.2026 19:47:59
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-42914
- EPSS 0.79%
- Veröffentlicht 09.06.2026 17:17:11
- Zuletzt bearbeitet 09.07.2026 00:17:08
Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.
CVE-2026-42916
- EPSS 0.33%
- Veröffentlicht 09.06.2026 17:17:11
- Zuletzt bearbeitet 09.07.2026 00:17:08
Integer overflow or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-42905
- EPSS 2.01%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 11.06.2026 16:14:34
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-42907
- EPSS 0.82%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 09.07.2026 00:17:07
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.
CVE-2026-42909
- EPSS 0.4%
- Veröffentlicht 09.06.2026 17:17:10
- Zuletzt bearbeitet 09.07.2026 00:17:07
Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network.