Common Vulnerabilities and Exposures (CVE)

CVE-2026-56687

Jul 16, 2026 03:55:52 UTC

Dell ThinOS 10, versions prior to 2605_10.2100, contain an Obsolete Feature in UI vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

CVE-2026-20298

Jul 16, 2026 03:55:51 UTC

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.3.2512.15, 10.2.2510.18, and 10.1.2507.24, a low-privileged user that does not hold the 'admin' or...

CVE-2026-58609

Jul 16, 2026 03:55:50 UTC

Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.

CVE-2026-50391

Jul 16, 2026 03:55:49 UTC

Improper privilege management in Windows Group Policy allows an authorized attacker to elevate privileges locally.

CVE-2026-50689

Jul 16, 2026 03:55:48 UTC

Use after free in Windows Clipboard Server allows an authorized attacker to elevate privileges locally.

CVE-2026-50384

Jul 16, 2026 03:55:48 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Clip Service allows an authorized attacker to elevate privileges locally.

CVE-2026-49183

Jul 16, 2026 03:55:47 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Clipboard Server allows an authorized attacker to elevate privileges locally.

CVE-2026-58538

Jul 16, 2026 03:55:46 UTC

Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50387

Jul 16, 2026 03:55:45 UTC

Stack-based buffer overflow in Windows GDI allows an authorized attacker to elevate privileges locally.

CVE-2026-54122

Jul 16, 2026 03:55:44 UTC

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally.

CVE-2026-49796

Jul 16, 2026 03:55:43 UTC

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally.

CVE-2026-46709

Jul 16, 2026 03:55:43 UTC

Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing command substitution metacharacters such...

CVE-2026-42533

Jul 16, 2026 03:55:42 UTC

A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same res...

CVE-2026-50400

Jul 16, 2026 03:55:41 UTC

Stack-based buffer overflow in Windows App Installer allows an authorized attacker to elevate privileges locally.

CVE-2026-48572

Jul 16, 2026 03:55:40 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows App Installer allows an authorized attacker to elevate privileges locally.