CVE-2026-26175
Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26175
Tagged: Cybersecurity Alert
CVE-2026-26170
Improper input validation in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26170
CVE-2026-26171
Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26171
CVE-2026-26172
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Push Notifications allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26172
CVE-2026-26166
Double free in Windows Shell allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26166
CVE-2026-26167
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Push Notifications allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26167
CVE-2026-26168
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26168
CVE-2026-26169
Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26169
CVE-2026-26162
Access of resource using incompatible type (‘type confusion’) in Windows OLE allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26162
CVE-2026-26163
Double free in Windows Kernel allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26163
CVE-2026-26165
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26165
CVE-2026-26159
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26159
CVE-2026-26160
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26160
CVE-2026-26161
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26161