HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2026-20940

Feb 13, 2026 20:40:35 UTC

Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-20938

Feb 13, 2026 20:40:34 UTC

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

CVE-2026-20934

Feb 13, 2026 20:40:34 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-20932

Feb 13, 2026 20:40:33 UTC

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVE-2026-20927

Feb 13, 2026 20:40:33 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.

CVE-2026-20926

Feb 13, 2026 20:40:32 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-20925

Feb 13, 2026 20:40:32 UTC

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-20924

Feb 13, 2026 20:40:31 UTC

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20923

Feb 13, 2026 20:40:31 UTC

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20922

Feb 13, 2026 20:40:30 UTC

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-20921

Feb 13, 2026 20:40:29 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-20920

Feb 13, 2026 20:40:29 UTC

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2026-20919

Feb 13, 2026 20:40:28 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-20918

Feb 13, 2026 20:40:28 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20877

Feb 13, 2026 20:40:27 UTC

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

Page: 32