CVE-2026-32219
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32219
Tagged: Cybersecurity Alert
CVE-2026-32220
Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32220
CVE-2026-32217
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32217
CVE-2026-32214
Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32214
CVE-2026-32215
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32215
CVE-2026-32216
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32216
CVE-2026-32201
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32201
CVE-2026-32202
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32202
CVE-2026-32203
Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32203
CVE-2026-32212
Improper link resolution before file access (‘link following’) in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32212
CVE-2026-32196
Improper neutralization of input during web page generation (‘cross-site scripting’) in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32196
CVE-2026-32197
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32197
CVE-2026-32198
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32198
CVE-2026-32199
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32199