CVE-2026-20806
- EPSS 0.34%
- Veröffentlicht 14.04.2026 16:57:51
- Zuletzt bearbeitet 24.04.2026 20:16:21
Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.
CVE-2026-20928
- EPSS 0.43%
- Veröffentlicht 14.04.2026 16:57:51
- Zuletzt bearbeitet 24.04.2026 20:11:29
Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-32212
- EPSS 0.31%
- Veröffentlicht 14.04.2026 16:57:50
- Zuletzt bearbeitet 20.04.2026 14:55:12
Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
- EPSS 0.54%
- Veröffentlicht 14.04.2026 16:57:50
- Zuletzt bearbeitet 17.04.2026 19:19:51
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.
CVE-2026-33098
- EPSS 0.31%
- Veröffentlicht 14.04.2026 16:57:46
- Zuletzt bearbeitet 17.04.2026 19:26:07
Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-33096
- EPSS 1.25%
- Veröffentlicht 14.04.2026 16:57:45
- Zuletzt bearbeitet 17.04.2026 19:32:17
Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
CVE-2026-32218
- EPSS 0.44%
- Veröffentlicht 14.04.2026 16:57:39
- Zuletzt bearbeitet 20.04.2026 14:33:13
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32217
- EPSS 0.42%
- Veröffentlicht 14.04.2026 16:57:38
- Zuletzt bearbeitet 20.04.2026 14:34:17
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32215
- EPSS 0.42%
- Veröffentlicht 14.04.2026 16:57:37
- Zuletzt bearbeitet 20.04.2026 14:35:41
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32202
- EPSS 64.1%
- Veröffentlicht 14.04.2026 16:57:36
- Zuletzt bearbeitet 26.05.2026 20:00:21
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.