CVE-2026-32079
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32079
Tagged: Cybersecurity Alert
CVE-2026-32080
Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32080
CVE-2026-32081
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32081
CVE-2026-32076
Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32076
CVE-2026-32077
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32077
CVE-2026-32073
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32073
CVE-2026-32074
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32074
CVE-2026-32075
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32075
CVE-2026-32070
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32070
CVE-2026-32071
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32071
CVE-2026-32072
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32072
CVE-2026-27931
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27931
CVE-2026-32068
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows SSDP Service allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32068
CVE-2026-32069
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32069