HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-59218

Feb 13, 2026 23:13:04 UTC

Azure Entra ID Elevation of Privilege Vulnerability

CVE-2025-59497

Feb 13, 2026 23:13:03 UTC

Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.

CVE-2025-59289

Feb 13, 2026 23:13:02 UTC

Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVE-2025-59287

Feb 13, 2026 23:13:02 UTC

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

CVE-2025-59285

Feb 13, 2026 23:13:01 UTC

Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

CVE-2025-59278

Feb 13, 2026 23:13:00 UTC

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

CVE-2025-59275

Feb 13, 2026 23:13:00 UTC

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

CVE-2025-59261

Feb 13, 2026 23:12:59 UTC

Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CVE-2025-59260

Feb 13, 2026 23:12:59 UTC

Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.

CVE-2025-59253

Feb 13, 2026 23:12:58 UTC

Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

CVE-2025-59230

Feb 13, 2026 23:12:58 UTC

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

CVE-2025-59248

Feb 13, 2026 23:12:57 UTC

Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-59244

Feb 13, 2026 23:12:56 UTC

External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-59241

Feb 13, 2026 23:12:56 UTC

Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally.

CVE-2025-59238

Feb 13, 2026 23:12:55 UTC

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

Page: 2