HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2026-6238

Jun 19, 2026 20:40:00 UTC

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG reco...

CVE-2026-11527

Jun 19, 2026 20:31:36 UTC

Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle. Config::IniFiles::_make_filehandle opens a filename argument with Perl's 2-arg o...

CVE-2026-47645

Jun 19, 2026 20:29:42 UTC

Url redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-48582

Jun 19, 2026 20:29:41 UTC

Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

CVE-2026-48579

Jun 19, 2026 20:29:41 UTC

Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network.

CVE-2026-48567

Jun 19, 2026 20:29:40 UTC

Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-42824

Jun 19, 2026 20:29:39 UTC

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.

CVE-2026-45497

Jun 19, 2026 20:29:39 UTC

Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.

CVE-2026-44804

Jun 19, 2026 20:29:38 UTC

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2026-44813

Jun 19, 2026 20:29:38 UTC

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2026-42993

Jun 19, 2026 20:29:37 UTC

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

CVE-2026-44812

Jun 19, 2026 20:29:37 UTC

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

CVE-2026-44803

Jun 19, 2026 20:29:36 UTC

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

CVE-2026-42987

Jun 19, 2026 20:29:35 UTC

Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.

CVE-2026-42985

Jun 19, 2026 20:29:35 UTC

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Page: 2