Common Vulnerabilities and Exposures (CVE)
CVE-2026-40367
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40365
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-40362
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-40361
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-40359
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-40358
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-40357
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-34341
Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.
CVE-2026-34340
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-34339
Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.
CVE-2026-34338
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-34337
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-34336
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-34334
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
CVE-2026-34332
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network.