HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2026-32192

Apr 17, 2026 16:12:31 UTC

Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

CVE-2026-32189

Apr 17, 2026 16:12:30 UTC

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32188

Apr 17, 2026 16:12:29 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-32184

Apr 17, 2026 16:12:29 UTC

Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally.

CVE-2026-32183

Apr 17, 2026 16:12:28 UTC

Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.

CVE-2026-32181

Apr 17, 2026 16:12:28 UTC

Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.

CVE-2026-32178

Apr 17, 2026 16:12:27 UTC

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-32168

Apr 17, 2026 16:12:26 UTC

Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.

CVE-2026-32167

Apr 17, 2026 16:12:25 UTC

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

CVE-2026-32165

Apr 17, 2026 16:12:25 UTC

Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

CVE-2026-0390

Apr 17, 2026 16:12:24 UTC

Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

CVE-2026-32160

Apr 17, 2026 16:12:24 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-32159

Apr 17, 2026 16:12:23 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-32158

Apr 17, 2026 16:12:22 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-32157

Apr 17, 2026 16:12:22 UTC

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Page: 37