HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2026-20926

Feb 13, 2026 20:40:32 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-20925

Feb 13, 2026 20:40:32 UTC

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-20924

Feb 13, 2026 20:40:31 UTC

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20923

Feb 13, 2026 20:40:31 UTC

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20922

Feb 13, 2026 20:40:30 UTC

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-20921

Feb 13, 2026 20:40:29 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-20920

Feb 13, 2026 20:40:29 UTC

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2026-20919

Feb 13, 2026 20:40:28 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-20918

Feb 13, 2026 20:40:28 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20877

Feb 13, 2026 20:40:27 UTC

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20876

Feb 13, 2026 20:40:27 UTC

Heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

CVE-2026-20875

Feb 13, 2026 20:40:26 UTC

Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

CVE-2026-20869

Feb 13, 2026 20:40:26 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally.

CVE-2026-20865

Feb 13, 2026 20:40:25 UTC

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20864

Feb 13, 2026 20:40:25 UTC

Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

Page: 158