Common Vulnerabilities and Exposures (CVE)

CVE-2025-62219

Feb 13, 2026 20:45:57 UTC

Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.

CVE-2025-62218

Feb 13, 2026 20:45:56 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.

CVE-2025-62217

Feb 13, 2026 20:45:55 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2025-60722

Feb 13, 2026 20:45:55 UTC

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network.

CVE-2025-60719

Feb 13, 2026 20:45:54 UTC

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2025-62216

Feb 13, 2026 20:45:54 UTC

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-62210

Feb 13, 2026 20:45:53 UTC

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.

CVE-2025-62206

Feb 13, 2026 20:45:52 UTC

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.

CVE-2025-62199

Feb 13, 2026 20:45:52 UTC

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-60728

Feb 13, 2026 20:45:51 UTC

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVE-2025-60727

Feb 13, 2026 20:45:51 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-60726

Feb 13, 2026 20:45:50 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2025-60709

Feb 13, 2026 20:45:50 UTC

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-60708

Feb 13, 2026 20:45:49 UTC

Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.

CVE-2025-60707

Feb 13, 2026 20:45:48 UTC

Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.