Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22796
Total
1628
Critical
7094
High
7273
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-50376 | MEDIUM | 6.5 | Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network. | Jul 14, 2026 |
| CVE-2026-50375 | MEDIUM | 6.3 | Heap-based buffer overflow in Windows DirectX allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50374 | MEDIUM | 6.3 | Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges with a physical attack. | Jul 14, 2026 |
| CVE-2026-50373 | HIGH | 7.8 | Improper access control in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50372 | HIGH | 7.0 | Buffer over-read in Windows Redirected Drive Buffering allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50371 | HIGH | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows LUAFV allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50370 | HIGH | 8.8 | Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over an adjacent network. | Jul 14, 2026 |
| CVE-2026-50369 | HIGH | 8.8 | Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges over a network. | Jul 14, 2026 |
| CVE-2026-50368 | HIGH | 7.5 | Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. | Jul 14, 2026 |
| CVE-2026-50367 | HIGH | 7.8 | Incorrect access of indexable resource ('range error') in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50366 | MEDIUM | 6.5 | Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network. | Jul 14, 2026 |
| CVE-2026-50365 | HIGH | 8.0 | Improper authentication in Windows RPC API allows an unauthorized attacker to elevate privileges over an adjacent network. | Jul 14, 2026 |
| CVE-2026-50363 | HIGH | 7.8 | Heap-based buffer overflow in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50362 | HIGH | 7.8 | Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an unauthorized attacker to execute code locally. | Jul 14, 2026 |
| CVE-2026-50361 | HIGH | 7.8 | Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50360 | HIGH | 8.8 | Incorrect implementation of authentication algorithm in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | Jul 14, 2026 |
| CVE-2026-50359 | HIGH | 7.0 | Use after free in Microsoft XML Core Services allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50358 | HIGH | 7.0 | Use after free in Windows Media allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50357 | HIGH | 7.8 | Numeric truncation error in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally. | Jul 14, 2026 |
| CVE-2026-50355 | HIGH | 7.5 | Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. | Jul 14, 2026 |
| CVE-2026-50353 | HIGH | 7.8 | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |
| CVE-2026-50352 | MEDIUM | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Cryptographic Services allows an authorized attacker to disclose information locally. | Jul 14, 2026 |
| CVE-2026-50348 | HIGH | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an unauthorized attacker to elevate privileges over a network. | Jul 14, 2026 |
| CVE-2026-50347 | HIGH | 7.8 | Heap-based buffer overflow in Windows Data dll allows an unauthorized attacker to execute code locally. | Jul 14, 2026 |
| CVE-2026-50346 | HIGH | 7.8 | Improper authorization in RPC Runtime allows an authorized attacker to elevate privileges locally. | Jul 14, 2026 |