HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-48004

Feb 13, 2026 23:11:25 UTC

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

CVE-2025-47989

Feb 13, 2026 23:11:24 UTC

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

CVE-2026-21517

Feb 13, 2026 22:30:47 UTC

Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally.

CVE-2026-20841

Feb 13, 2026 22:30:46 UTC

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally.

CVE-2026-20846

Feb 13, 2026 22:30:46 UTC

Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network.

CVE-2026-21222

Feb 13, 2026 22:30:45 UTC

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

CVE-2026-21228

Feb 13, 2026 22:30:45 UTC

Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network.

CVE-2026-21231

Feb 13, 2026 22:30:44 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-21232

Feb 13, 2026 22:30:43 UTC

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

CVE-2026-21237

Feb 13, 2026 22:30:43 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

CVE-2026-21238

Feb 13, 2026 22:30:42 UTC

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-21239

Feb 13, 2026 22:30:42 UTC

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-21241

Feb 13, 2026 22:30:41 UTC

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-21240

Feb 13, 2026 22:30:41 UTC

Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

CVE-2026-21243

Feb 13, 2026 22:30:40 UTC

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

Page: 24