HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2026-21222

Apr 10, 2026 13:21:35 UTC

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

CVE-2026-21228

Apr 10, 2026 13:21:34 UTC

Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network.

CVE-2026-21231

Apr 10, 2026 13:21:33 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-21232

Apr 10, 2026 13:21:33 UTC

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

CVE-2026-21237

Apr 10, 2026 13:21:32 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

CVE-2026-21238

Apr 10, 2026 13:21:32 UTC

Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-21239

Apr 10, 2026 13:21:31 UTC

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-21241

Apr 10, 2026 13:21:31 UTC

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-21240

Apr 10, 2026 13:21:30 UTC

Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

CVE-2026-21243

Apr 10, 2026 13:21:29 UTC

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

CVE-2026-21244

Apr 10, 2026 13:21:29 UTC

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

CVE-2026-21245

Apr 10, 2026 13:21:28 UTC

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-21249

Apr 10, 2026 13:21:28 UTC

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.

CVE-2026-21250

Apr 10, 2026 13:21:27 UTC

Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.

CVE-2026-21251

Apr 10, 2026 13:21:26 UTC

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

Page: 37