Common Vulnerabilities and Exposures (CVE)

CVE-2026-57979

Jul 16, 2026 21:57:33 UTC

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-57976

Jul 16, 2026 21:57:32 UTC

Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network.

CVE-2026-57969

Jul 16, 2026 21:57:31 UTC

Missing authentication for critical function in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.

CVE-2026-57107

Jul 16, 2026 21:57:30 UTC

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVE-2026-57097

Jul 16, 2026 21:57:29 UTC

Untrusted search path in Microsoft XML allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2026-56185

Jul 16, 2026 21:57:29 UTC

Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network.

CVE-2026-56193

Jul 16, 2026 21:57:28 UTC

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-54127

Jul 16, 2026 21:57:28 UTC

Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.

CVE-2026-50694

Jul 16, 2026 21:57:27 UTC

Use after free in Windows Secure Socket Tunneling Protocol (SSTP) allows an unauthorized attacker to execute code over a network.

CVE-2026-56170

Jul 16, 2026 21:57:27 UTC

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

CVE-2026-56169

Jul 16, 2026 21:57:26 UTC

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

CVE-2026-56164

Jul 16, 2026 21:57:26 UTC

Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-56155

Jul 16, 2026 21:57:25 UTC

Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.

CVE-2026-55948

Jul 16, 2026 21:57:24 UTC

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55945

Jul 16, 2026 21:57:24 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Edge (Chromium-based) allows an authorized attacker to disclose information locally.