Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
77,269 matching · page 58/1546Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2026-42974(opens NVD record) | High | 8.1 | Integer overflow or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42973(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42972(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42971(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42970(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42969(opens NVD record) | Medium | 5.5 | Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42968(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42916(opens NVD record) | High | 7.8 | Integer overflow or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42915(opens NVD record) | Medium | 5.5 | Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally. | Jun 9, 2026 |
| CVE-2026-42914(opens NVD record) | Medium | 5.3 | Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network. | Jun 9, 2026 |
| CVE-2026-42913(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42912(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42911(opens NVD record) | High | 7.0 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42910(opens NVD record) | High | 7.8 | Out-of-bounds write in Windows Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42909(opens NVD record) | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-42908(opens NVD record) | High | 7.5 | Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. | Jun 9, 2026 |
| CVE-2026-42907(opens NVD record) | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network. | Jun 9, 2026 |
| CVE-2026-42906(opens NVD record) | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally. | Jun 9, 2026 |
| CVE-2026-42905(opens NVD record) | High | 7.8 | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42904(opens NVD record) | Critical | 9.6 | Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network. | Jun 9, 2026 |
| CVE-2026-42903(opens NVD record) | Medium | 6.5 | Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network. | Jun 9, 2026 |
| CVE-2026-42902(opens NVD record) | High | 7.8 | Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42837(opens NVD record) | High | 7.8 | Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42836(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-42835(opens NVD record) | High | 8.1 | Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information over a network. | Jun 9, 2026 |
| CVE-2026-42829(opens NVD record) | High | 7.8 | Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally. | Jun 9, 2026 |
| CVE-2026-42828(opens NVD record) | High | 7.8 | Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-41108(opens NVD record) | High | 7.0 | Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-41098(opens NVD record) | High | 8.4 | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network. | Jun 9, 2026 |
| CVE-2026-41092(opens NVD record) | High | 7.8 | Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-40409(opens NVD record) | High | 7.8 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Jun 9, 2026 |
| CVE-2026-40404(opens NVD record) | High | 7.8 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Jun 9, 2026 |
| CVE-2026-40376(opens NVD record) | High | 7.5 | Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. | Jun 9, 2026 |
| CVE-2026-40371(opens NVD record) | High | 8.8 | Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to elevate privileges over a network. | Jun 9, 2026 |
| CVE-2026-34335(opens NVD record) | High | 7.0 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-33828(opens NVD record) | High | 7.8 | Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally. | Jun 9, 2026 |
| CVE-2026-33113(opens NVD record) | Medium | 5.4 | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. | Jun 9, 2026 |
| CVE-2026-32193(opens NVD record) | High | 8.8 | Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally. | Jun 9, 2026 |
| CVE-2026-26142(opens NVD record) | Critical | 9.8 | Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network. | Jun 9, 2026 |
| CVE-2026-49938(opens NVD record) | Medium | 6.5 | A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via <insert attack vector here> | Jun 9, 2026 |
| CVE-2026-25089(opens NVD record) | Critical | 9.8 | A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests | Jun 9, 2026 |
| CVE-2026-10523(opens NVD record) | Critical | 9.9 | An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access | Jun 9, 2026 |
| CVE-2026-10520(opens NVD record) | Critical | 10.0 | An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution | Jun 9, 2026 |
| CVE-2025-67862(opens NVD record) | Medium | 6.7 | An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0 all versions may allow an authenticated admin to execute lua scripts via crafted CLI commands. | Jun 9, 2026 |
| CVE-2026-52907(opens NVD record) | High | 7.8 | In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: fix off by one bugs Change these comparisons from > vs >= to avoid accessing one element beyond the end of the arrays. While at it, use ARRAY_SIZE instead of the _MAX enum values. [fix cosmetic issues] | Jun 9, 2026 |
| CVE-2026-52906(opens NVD record) | High | 7.7 | In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb ("9p: convert to the new mount API"), v9fs_apply_options() applies parsed mount flags with |= onto flags already set by v9fs_session_init(). For 9P2000.L, session_init sets V9FS_ACCESS_CLIENT as the default, so when the user mounts with "access=user", both bits end up set. Access mode checks compare against exact values, so having both bits set matches neither mode. This causes v9fs_fid_lookup() to fall through to the default switch case, using INVALID_UID (nobody/65534) instead of current_fsuid() for all fid lookups. Root is then unable to chown or perform other privileged operations. Fix by clearing the access mask before applying the user's choice. | Jun 9, 2026 |
| CVE-2026-52905(opens NVD record) | Medium | 5.5 | In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two min_region_sz on damon_start() Commit d8f867fa0825 ("mm/damon: add damon_ctx->min_sz_region") introduced a bug that allows unaligned DAMON region address ranges. Commit c80f46ac228b ("mm/damon/core: disallow non-power of two min_region_sz") fixed it, but only for damon_commit_ctx() use case. Still, DAMON sysfs interface can emit non-power of two min_region_sz via damon_start(). Fix the path by adding the is_power_of_2() check on damon_start(). The issue was discovered by sashiko [1]. | Jun 9, 2026 |
| CVE-2026-52904(opens NVD record) | Medium | 5.5 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkm_device leak on aperture removal failure When aperture_remove_conflicting_pci_devices() fails during probe, the error path returns directly without unwinding the nvkm_device that was just allocated by nvkm_device_pci_new(). This leaks both the device wrapper and the pci_enable_device() reference taken inside it. Jump to the existing fail_nvkm label so nvkm_device_del() runs and balances both. The leak was introduced when the intermediate nvkm_device_del() between detection and aperture removal was dropped in favor of creating the pci device once. | Jun 9, 2026 |
| CVE-2026-46332(opens NVD record) | High | 8.0 | In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352_bootloader_rx() appends each serdev chunk into the fixed rx_buffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may receive multiple packets in one callback, so a single count value is not constrained by one packet length. Check that the incoming chunk fits in the remaining receive buffer space before memcpy(). If it does not, drop the staged data and consume the bytes instead of overflowing rx_buffer. | Jun 9, 2026 |
| CVE-2026-46330(opens NVD record) | High | 7.8 | In the Linux kernel, the following vulnerability has been resolved: Revert "net/smc: Introduce TCP ULP support" This reverts commit d7cd421da9da2cc7b4d25b8537f66db5c8331c40. As reported by Al Viro, the TCP ULP support for SMC is fundamentally broken. The implementation attempts to convert an active TCP socket into an SMC socket by modifying the underlying `struct file`, dentry, and inode in-place, which violates core VFS invariants that assume these structures are immutable for an open file, creating a risk of use after free errors and general system instability. Given the severity of this design flaw and the fact that cleaner alternatives (e.g., LD_PRELOAD, BPF) exist for legacy application transparency, the correct course of action is to remove this feature entirely. | Jun 9, 2026 |