Common Vulnerabilities and Exposures (CVE)

CVE-2026-20853

Feb 26, 2026 15:04:23 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.

A relative path traversal vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user.

CVE-2026-20854

Feb 26, 2026 15:04:23 UTC

Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.

CVE-2025-65078

Feb 26, 2026 15:04:23 UTC

An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code.

CVE-2026-21219

Feb 26, 2026 15:04:23 UTC

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

CVE-2026-1861

Feb 26, 2026 15:04:22 UTC

Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2026-20861

Feb 26, 2026 15:04:22 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-1862

Feb 26, 2026 15:04:22 UTC

Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2026-20863

Feb 26, 2026 15:04:22 UTC

Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2026-1580

Feb 26, 2026 15:04:22 UTC

A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-method` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-...

CVE-2026-20866

Feb 26, 2026 15:04:22 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-24512

Feb 26, 2026 15:04:22 UTC

A security issue was discovered in ingress-nginx cthe `rules.http.paths.path` Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclo...

CVE-2026-20867

Feb 26, 2026 15:04:21 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20979

Feb 26, 2026 15:04:21 UTC

Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.

CVE-2026-20868

Feb 26, 2026 15:04:21 UTC

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Page: 230