HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2026-40377

Jun 5, 2026 16:38:47 UTC

Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

CVE-2026-40374

Jun 5, 2026 16:38:46 UTC

Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network.

CVE-2026-40368

Jun 5, 2026 16:38:46 UTC

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVE-2026-40366

Jun 5, 2026 16:38:45 UTC

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-40364

Jun 5, 2026 16:38:45 UTC

Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-40363

Jun 5, 2026 16:38:44 UTC

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-40360

Jun 5, 2026 16:38:43 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-35440

Jun 5, 2026 16:38:43 UTC

Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVE-2026-35439

Jun 5, 2026 16:38:42 UTC

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVE-2026-35438

Jun 5, 2026 16:38:42 UTC

Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

CVE-2026-35424

Jun 5, 2026 16:38:41 UTC

Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

CVE-2026-35423

Jun 5, 2026 16:38:41 UTC

Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.

CVE-2026-35422

Jun 5, 2026 16:38:40 UTC

Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feature over a network.

CVE-2026-35421

Jun 5, 2026 16:38:39 UTC

Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.

CVE-2026-35420

Jun 5, 2026 16:38:39 UTC

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Page: 11