CVE-2026-20929
- EPSS 1.14%
- Veröffentlicht 13.01.2026 17:57:02
- Zuletzt bearbeitet 16.01.2026 15:05:21
Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.
CVE-2026-20873
- EPSS 0.3%
- Veröffentlicht 13.01.2026 17:57:01
- Zuletzt bearbeitet 15.01.2026 21:39:34
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20872
- EPSS 19.11%
- Veröffentlicht 13.01.2026 17:57:00
- Zuletzt bearbeitet 27.03.2026 21:17:01
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-20870
- EPSS 0.45%
- Veröffentlicht 13.01.2026 17:56:59
- Zuletzt bearbeitet 15.01.2026 15:47:31
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2026-20868
- EPSS 1.34%
- Veröffentlicht 13.01.2026 17:56:58
- Zuletzt bearbeitet 10.02.2026 15:16:05
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2026-20861
- EPSS 0.29%
- Veröffentlicht 13.01.2026 17:56:55
- Zuletzt bearbeitet 15.01.2026 15:31:53
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2026-20853
- EPSS 0.31%
- Veröffentlicht 13.01.2026 17:56:54
- Zuletzt bearbeitet 15.01.2026 13:28:14
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.
CVE-2026-20848
- EPSS 0.73%
- Veröffentlicht 13.01.2026 17:56:53
- Zuletzt bearbeitet 15.01.2026 14:03:20
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-20849
- EPSS 0.97%
- Veröffentlicht 13.01.2026 17:56:53
- Zuletzt bearbeitet 15.01.2026 14:00:19
Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.
CVE-2026-20843
- EPSS 3.32%
- Veröffentlicht 13.01.2026 17:56:52
- Zuletzt bearbeitet 15.01.2026 14:11:49
Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.