Microsoft Microsoft Makers of the Windows Operating System and hundreds of products that run on it.

  1. Vendors
  2. Microsoft

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Microsoft product.

RSS Feeds for Microsoft security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Microsoft products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Microsoft Sorted by Most Security Vulnerabilities since 2018

Microsoft Windows 104713 vulnerabilities

Microsoft Windows Server 20194480 vulnerabilities

Microsoft Windows Server 20164467 vulnerabilities

Microsoft Windows Server 20123370 vulnerabilities

Microsoft Windows Server 20082820 vulnerabilities

Microsoft Windows Server 20222817 vulnerabilities

Microsoft Windows 112280 vulnerabilities

Microsoft Windows 71810 vulnerabilities

Microsoft Windows 8.11712 vulnerabilities

Microsoft Windows 11 23h21667 vulnerabilities

Microsoft Windows Rt 8 11592 vulnerabilities

Microsoft Windows 10 15071453 vulnerabilities

Microsoft Windows 11 24h21356 vulnerabilities

Microsoft Windows Server 23h21356 vulnerabilities

Microsoft Windows Server 20251317 vulnerabilities

Microsoft Windows Server 2012 R21247 vulnerabilities

Microsoft Windows Server 2022 23h21115 vulnerabilities

Microsoft Windows931 vulnerabilities

Microsoft Windows Server 2008 R2852 vulnerabilities

Microsoft Windows Server 2008 Sp2680 vulnerabilities

Microsoft Windows Server655 vulnerabilities

Microsoft Office596 vulnerabilities

Microsoft Internet Explorer (IE)528 vulnerabilities
Popular web browser for windows

Microsoft Windows 11 25h2514 vulnerabilities

Microsoft 365 Apps494 vulnerabilities

Microsoft Sharepoint Server451 vulnerabilities

Microsoft Edge Browser412 vulnerabilities
Web Browser based on Chromium

Microsoft Windows Vista382 vulnerabilities

Microsoft Windows 11 26h1360 vulnerabilities

Microsoft Windows XP326 vulnerabilities

Microsoft Windows 10 1803275 vulnerabilities

Microsoft Windows 10 1909274 vulnerabilities

Microsoft Windows Server 2003262 vulnerabilities

Microsoft Windows Server 2004245 vulnerabilities

Microsoft Windows Server 1903240 vulnerabilities

Microsoft Office 2024231 vulnerabilities

Microsoft Edge Chromium230 vulnerabilities

Microsoft Windows Server 1909223 vulnerabilities

Microsoft Office 2021221 vulnerabilities

Microsoft Office Long Term Servicing Channel210 vulnerabilities

Microsoft Office 2019210 vulnerabilities

Microsoft Windows Server 20h2208 vulnerabilities

Microsoft Excel192 vulnerabilities
Spreadsheet Software

Microsoft Office Macos 2024186 vulnerabilities

Microsoft Office Macos 2021184 vulnerabilities

Microsoft Windows 2003 Server162 vulnerabilities

Microsoft Sql Server 2019136 vulnerabilities

Microsoft Office Online Server135 vulnerabilities

Microsoft Exchange Server132 vulnerabilities

Microsoft Visual Studio 2022124 vulnerabilities

Microsoft Visual Studio 2019124 vulnerabilities

Microsoft Sharepoint Server 2019113 vulnerabilities

Microsoft Windows 2000112 vulnerabilities

Microsoft Sharepoint Server 2016111 vulnerabilities

Microsoft Windows 11 2h2110 vulnerabilities

Microsoft Sql Server 2022108 vulnerabilities

Microsoft Word104 vulnerabilities

Microsoft Dynamics 365101 vulnerabilities

Microsoft Windows Server 1803101 vulnerabilities

Microsoft Net98 vulnerabilities

Microsoft Windows 10 21h198 vulnerabilities

Microsoft SQL Server98 vulnerabilities
Database Server

Microsoft Visual Studio 201796 vulnerabilities

Microsoft Sql Server 201795 vulnerabilities

Microsoft Visual Studio94 vulnerabilities
Developer IDE

Microsoft Sql Server 201693 vulnerabilities

Microsoft Excel 201687 vulnerabilities

Microsoft Office 365 Proplus87 vulnerabilities

Microsoft Outlook86 vulnerabilities

Microsoft Visual Studio Code73 vulnerabilities
VSCode Developer IDE

Microsoft Office 201662 vulnerabilities

Microsoft Windows 861 vulnerabilities

Microsoft Office Compatibility Pack61 vulnerabilities

Microsoft Windows Nt57 vulnerabilities

Microsoft Office Web Apps55 vulnerabilities

Microsoft Azure Site Recovery53 vulnerabilities

Microsoft Windows Rt46 vulnerabilities

Microsoft Powershell45 vulnerabilities

Microsoft Http Server41 vulnerabilities

Microsoft Office Web Apps Server41 vulnerabilities

Microsoft Windows 10 170940 vulnerabilities

Microsoft Azure Devops Server40 vulnerabilities

Microsoft 38 vulnerabilities

Microsoft ASP.NET Core37 vulnerabilities

Microsoft Mysql36 vulnerabilities

Microsoft .NET Core35 vulnerabilities

Microsoft Remote Desktop34 vulnerabilities

Microsoft Excel Viewer34 vulnerabilities

Microsoft Office 36533 vulnerabilities

Microsoft Word 201632 vulnerabilities

Microsoft Ole Db Driver For Sql Server31 vulnerabilities

Microsoft Windows 10 170331 vulnerabilities

Microsoft Teams27 vulnerabilities

Microsoft Windows 10 200426 vulnerabilities

Microsoft Windows 10 190326 vulnerabilities

Microsoft Odbc Driver For Sql Server26 vulnerabilities

Microsoft Exchange Server 201625 vulnerabilities

Microsoft .NET Framework25 vulnerabilities

Recent Microsoft Security Advisories

Advisory Title Published
CVE-2026-46331 CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption June 20, 2026
CVE-2026-12466 CVE-2026-12466 Heap buffer overflow in WebRTC June 19, 2026
CVE-2026-12461 CVE-2026-12461 Out of bounds read in WebRTC June 19, 2026
CVE-2026-12449 CVE-2026-12449 Use after free in Chromoting June 19, 2026
CVE-2026-12444 CVE-2026-12444 Out of bounds read in Chromoting June 19, 2026
CVE-2026-12437 CVE-2026-12437 Use after free in WebShare June 19, 2026
CVE-2026-12468 CVE-2026-12468 Inappropriate implementation in Updater June 19, 2026
CVE-2026-12454 CVE-2026-12454 Race in Safe Browsing June 19, 2026
CVE-2026-12467 CVE-2026-12467 Use after free in Extensions June 19, 2026
CVE-2026-12465 CVE-2026-12465 Insufficient validation of untrusted input in Metrics June 19, 2026

Known Exploited Microsoft Vulnerabilities

The following Microsoft vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Microsoft Internet Explorer Use-After-Free Vulnerability Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
CVE-2010-0249 Exploit Probability: 91.9% 		May 20, 2026
Microsoft Windows Buffer Overflow Vulnerability Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.
CVE-2008-4250 Exploit Probability: 98.8% 		May 20, 2026
Microsoft Defender Denial of Service Vulnerability Microsoft Defender contains an unspecified vulnerability that allows for denial of service.
CVE-2026-45498 Exploit Probability: 2.5% 		May 20, 2026
Microsoft DirectX NULL Byte Overwrite Vulnerability Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file.
CVE-2009-1537 Exploit Probability: 50.9% 		May 20, 2026
Microsoft Internet Explorer Use-After-Free Vulnerability Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
CVE-2010-0806 Exploit Probability: 82.0% 		May 20, 2026
Microsoft Defender Link Following Vulnerability Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.
CVE-2026-41091 Exploit Probability: 1.2% 		May 20, 2026
Microsoft Exchange Server Cross-Site Scripting Vulnerability Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context.
CVE-2026-42897 Exploit Probability: 2.5% 		May 15, 2026
Microsoft Windows Protection Mechanism Failure Vulnerability Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32202 Exploit Probability: 20.0% 		April 28, 2026
Microsoft Defender Insufficient Granularity of Access Control Vulnerability Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.
CVE-2026-33825 Exploit Probability: 6.2% 		April 22, 2026
Microsoft Office Remote Code Execution Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.
CVE-2009-0238 Exploit Probability: 43.1% 		April 14, 2026
Microsoft SharePoint Server Improper Input Validation Vulnerability Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32201 Exploit Probability: 24.2% 		April 14, 2026
Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.
CVE-2023-21529 Exploit Probability: 62.1% 		April 13, 2026
Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution.
CVE-2012-1854 Exploit Probability: 21.0% 		April 13, 2026
Microsoft Windows Link Following Vulnerability Microsoft Windows contains a link following vulnerability that allows for privilege escalation
CVE-2025-60710 Exploit Probability: 4.6% 		April 13, 2026
Microsoft Windows Out-of-Bounds Read Vulnerability Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation
CVE-2023-36424 Exploit Probability: 12.2% 		April 13, 2026
Microsoft SharePoint Deserialization of Untrusted Data Vulnerability Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.
CVE-2026-20963 Exploit Probability: 31.1% 		March 18, 2026
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
CVE-2008-0015 Exploit Probability: 76.6% 		February 17, 2026
Microsoft Configuration Manager SQL Injection Vulnerability Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server and/or underlying database.
CVE-2024-43468 Exploit Probability: 60.7% 		February 12, 2026
Microsoft Internet Explorer Protection Mechanism Failure Vulnerability Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.
CVE-2026-21513 Exploit Probability: 15.4% 		February 10, 2026
Microsoft Windows NULL Pointer Dereference Vulnerability Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.
CVE-2026-21525 Exploit Probability: 5.0% 		February 10, 2026

Of the known exploited vulnerabilities above, 6 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. 8 known exploited Microsoft vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.

Top 10 Riskiest Microsoft Vulnerabilities

Based on the current exploit probability, these Microsoft vulnerabilities are on CISA's Known Exploited vulnerabilities list (KEV) and are ranked by the current EPSS exploit probability.

Rank CVE EPSS Vulnerability
1 CVE-2019-0708 100.0% "BlueKeep" Microsoft Windows Remote Desktop Remote Code Execution Vulnerability
2 CVE-2021-26855 100.0% Microsoft OWA Exchange Control Panel (ECP) Exploit Chain
3 CVE-2021-34473 100.0% Microsoft Exchange Server Remote Code Execution Vulnerability
4 CVE-2015-1635 100.0% Microsoft HTTP.sys Remote Code Execution Vulnerability
5 CVE-2012-0158 100.0% Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability
6 CVE-2021-34523 100.0% Microsoft Exchange Server Privilege Escalation Vulnerability
7 CVE-2025-53770 100.0% Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
8 CVE-2020-0688 100.0% Microsoft Exchange Server Key Validation Vulnerability
9 CVE-2022-41082 100.0% Microsoft Exchange Server Remote Code Execution Vulnerability
10 CVE-2025-59287 100.0% Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability

By the Year

In 2026 there have been 2982 vulnerabilities in Microsoft with an average score of 7.3 out of ten. Last year, in 2025 Microsoft had 2748 security vulnerabilities published. That is, 234 more vulnerabilities have already been reported in 2026 as compared to last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.19.




Year Vulnerabilities Average Score
2026 2982 7.28
2025 2748 7.08
2024 2181 7.33
2023 1695 7.22
2022 1389 7.43
2021 1153 7.44
2020 1253 7.20
2019 831 7.08
2018 661 7.03

It may take a day or so for new Microsoft vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-48582 Jun 19, 2026
Jun 2026: Microsoft Exchange Online Elevation of Privilege Vulnerability Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
Exchange Online
CVE-2026-47645 Jun 19, 2026
Jun 2026: Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability Url redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network.
365 Copilot
CVE-2026-50519 Jun 19, 2026
Jun 2026: Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network.
Gihub Copilot Chat
CVE-2026-48584 Jun 19, 2026
Jun 2026: Microsoft Azure Synapse Elevation of Privilege Vulnerability Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.
Azure Synapse
CVE-2026-42895 Jun 19, 2026
Jun 2026: Microsoft Copilot Tampering Vulnerability Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.
365 Copilot
CVE-2026-45480 Jun 19, 2026
Jun 2026: Azure Active Directory Elevation of Privilege Vulnerability Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
Azure Active Directory
CVE-2026-32208 Jun 19, 2026
Jun 2026: Microsoft Edge (Chromium-based) Spoofing Vulnerability Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an authorized attacker to perform spoofing over a network.
Edge Chromium
CVE-2026-49336 Jun 19, 2026
Jun 2026: @microsoft/kiota-http-fetchlibrary: Bearer token and Cookie leak across origin on redirect @microsoft/kiota-http-fetchlibrary provides TypeScript libraries for Kiota-generated API clients. In versions 1.0.0-preview.97 through 1.0.0-preview.101, `@microsoft/kiota-http-fetchlibrary`'s `RedirectHandler` is documented as stripping `Authorization` and `Cookie` from cross-origin redirect targets, but the default `scrubSensitiveHeaders` callback in `RedirectHandlerOptions` uses case-sensitive property deletion (`delete headers.Authorization`, `delete headers.Cookie`) on a headers object that `FetchRequestAdapter.getRequestFromRequestInformation` has already lower-cased. The delete therefore targets keys that do not exist, the scrub is a no-op, and any Bearer token or Cookie attached by a kiota-generated SDK is forwarded to an attacker-controlled host across a 30x redirect. This is reachable in the default middleware chain (`MiddlewareFactory.getDefaultMiddlewares`) with no custom configuration, and applies to every kiota-generated TypeScript SDK that uses `BaseBearerTokenAuthenticationProvider` or any other authentication provider that sets the `Authorization` request header. Version 1.0.0-preview.102 patches the issue.
CVE-2026-47647 Jun 18, 2026
Jun 2026: Dynamics 365 Elevation of Privilege Vulnerability Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.
Dynamics 365
CVE-2026-54130 Jun 18, 2026
Jun 2026: M365 Copilot Information Disclosure Vulnerability Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.
365 Copilot
CVE-2026-32174 Jun 18, 2026
Jun 2026: Azure Bot Service Elevation of Privilege Vulnerability Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.
Azure Ai Bot Service
CVE-2026-47633 Jun 18, 2026
Jun 2026: Microsoft Cost Management Information Disclosure Vulnerability Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network.
Azure Cost Management
CVE-2026-12468 Jun 17, 2026
Chrome Updater Race Condition on Mac Pre-149.0.7827.155 Allow Sandbox Escape Race in Updater in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12466 Jun 17, 2026
Chrome WebRTC Heap Buffer Overflow Remote Code Execution (pre149.0.7827.155) Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12467 Jun 17, 2026
Google Chrome 149.0.7827.155 Use-After-Free in Extensions Allows Sandbox Escape Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12465 Jun 17, 2026
Chrome Metrics OOB before 149.0.7827.155 Remote Sandbox Escape Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12464 Jun 17, 2026
GA Chrome UA Free <149.0.7827.155 vuln allows sandbox escape Use after free in Browser in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12463 Jun 17, 2026
Google Chrome UXSS via Views on Linux pre-149.0.7827.155 Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12461 Jun 17, 2026
OOB read in WebRTC (Chrome <149.0.7827.155) Out of bounds read in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12462 Jun 17, 2026
Chrome <149.0.7827.155 Use-After-Free in Media component Use after free in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12460 Jun 17, 2026
Google Chrome 149.0.7827.155 FS Access Policy Bypass via PDF Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. (Chromium security severity: High)
CVE-2026-12459 Jun 17, 2026
Google Chrome <149.0.7827.155 UXSS via Serial API Inappropriate implementation in Serial in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12457 Jun 17, 2026
Chrome 149.0.7827.155 - Site Isolation Bypass via Extensions (High Severity) Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12458 Jun 17, 2026
Google Chrome <149.0.7827.155: Passwords Leakage via UI Gesture Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12456 Jun 17, 2026
Google Chrome <149.0.7827.155: Extensions Bypass SOP via Malicious Extension Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. (Chromium security severity: High)
CVE-2026-12454 Jun 17, 2026
Race in Safe Browsing in Chrome <149.0.7827.155: sandbox escape Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12455 Jun 17, 2026
Use after free in Chrome Tab Strip before 149.0.7827.155 Exploits Heap Corruption Use after free in Tab Strip in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12453 Jun 17, 2026
CVE-2026-12453 Chrome <149.0.7827.155: Insecure Input - Same-Origin Bypass Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12452 Jun 17, 2026
Use After Free in Downloads: Chrome<149.0.7827.155 Android Use after free in Downloads in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12451 Jun 17, 2026
Use-after-free in Google Chrome DigiCred <149.0.7827.155 (sandbox escape) Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12449 Jun 17, 2026
UA Free in Chromoting (Chrome <149.0.7827.155) PrivEsc via File Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-12447 Jun 17, 2026
Heap Buffer Overflow WebRTC in Chrome <149.0.7827.155 Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12446 Jun 17, 2026
Remote Cross-Origin Data Leak via Passwords in Google Chrome <149.0.7827.155 Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-12445 Jun 17, 2026
Chrome Use-After-Free via Malicious Extension (pre-149.0.7827.155) Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
CVE-2026-12444 Jun 17, 2026
Chrome <149.0.7827.155: OOB Read in Chromoting allows local info leak Out of bounds read in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: High)
CVE-2026-12443 Jun 17, 2026
UA-FREE in Chrome WebAuthn (pre-149.0.7827.155) Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-12440 Jun 17, 2026
Critical UAF in Chrome's DigitalCreds (before 149.0.7827.155) Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-12441 Jun 17, 2026
Use after free in Chrome File Input before 149.0.7827.155 Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-12439 Jun 17, 2026
Chrome 149.0.7827.155 UAF in Digital Credentials Component Use after free in Digital Credentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-12437 Jun 17, 2026
Use After Free in Chrome 149.0.7827.155 WebShare Remote Sandbox Escape (Critical) Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-50656 Jun 16, 2026
Jun 2026: Microsoft Defender Elevation of Privilege Vulnerability Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as &quot;RoguePlanet &quot;. We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.
Malware Protection Engine
CVE-2026-46331 Jun 16, 2026
Linux Kernel net/sched pedit partial COW causing cache corruption In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcf_pedit_act() computes the COW range for skb_ensure_writable() once before the key loop using tcfp_off_max_hint, but the hint does not account for the runtime header offset added by typed keys. This can leave part of the write region un-COW'd. Fix by moving skb_ensure_writable() inside the per-key loop where the actual write offset is known, and add overflow checking on the offset arithmetic. For negative offsets (e.g. Ethernet header edits at ingress), use skb_cow() to COW the headroom instead. Guard offset_valid() against INT_MIN, where negation is undefined.
CVE-2026-42014 Jun 16, 2026
GnuTLS UAF in pkcs11_token_set_pin on NULL SO PIN A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path.
CVE-2026-48854 Jun 15, 2026
Elixir GRPC pre-1.0.0: Unbounded Memory Allocation via Streaming RPCs Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.
CVE-2026-12087 Jun 15, 2026
OOB Heap Read in Perl Socket (<2.041) pack_ip_mreq_source Socket versions before 2.041 for Perl have an out-of-bounds heap read. In Socket.xs, pack_ip_mreq_source() checks the length of its source argument before the argument is read, so the check tests the byte length carried over from the preceding multiaddr argument instead. Both addresses occupy a 4-byte field, so a valid multiaddr lets a source of any length pass the check, and the source is then copied into the 4-byte imr_sourceaddr field with a fixed-size copy. A source shorter than 4 bytes is not rejected, and the copy reads up to 3 bytes past the end of its buffer. Calling pack_ip_mreq_source() with a source value shorter than 4 bytes copies adjacent heap memory into the returned packed structure.
CVE-2026-54411 Jun 14, 2026
Linux-PAM<=1.7.2 pam_userdb Timing Attack Reveals Plaintext Password Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equality check, so the time to reject a candidate depends on the index of the first differing byte and on whether the candidate's length matches the stored password, leaking the password length and individual prefix bytes. The vulnerable path is reached when the administrator configures pam_userdb with crypt=none, with an unrecognized crypt method, or without a crypt= argument, causing the module to store and compare credentials in plaintext.
CVE-2026-11526 Jun 14, 2026
GD Perl 2-arg open OS Command Injection pre 2.86 GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a filename that begins or ends with a pipe ("| cmd", "cmd |") or begins with a redirect ("> path", ">> path") is run as a command or redirect rather than opened as a file. _make_filehandle is the single open path behind every filename-accepting constructor (new, newFromPng, newFromJpeg, and the rest); the in-memory *Data variants do not open a path and are unaffected. Any caller that forwards untrusted input to one of these constructors as a pathname can run an arbitrary command or truncate a file under the process UID.
CVE-2026-44967 Jun 12, 2026
Memory Exhaustion in OpenTelemetrycpp OTLP HTTP Exporter <1.27.0 OpenTelemetry-cpp is the C++ implementation of OpenTelemetry. Prior to release 1.27.0, the OTLP HTTP exporters (traces/metrics/logs) read the full HTTP response into an in-memory vector of bytes without a size cap. This is exploitable for memory exhaustion when the configured collector endpoint is attacker-controlled (or a network attacker can MITM the exporter connection). This vulnerability is fixed in opentelemetry-cpp release 1.27.0.
CVE-2026-48914 Jun 12, 2026
QEMU virtio-blk OOB Write via Malformed SCSI A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an out-of-bounds write in the host heap memory and a potential denial of service (DoS) for the QEMU process.
CVE-2026-12018 Jun 11, 2026
Chrome <149: Privilege Escalation via Mojo Malicious File Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.