Common Vulnerabilities and Exposures (CVE)

CVE-2026-50328

Jul 16, 2026 21:58:40 UTC

Uncaught exception in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

CVE-2026-50304

Jul 16, 2026 21:58:39 UTC

Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.

CVE-2026-50392

Jul 16, 2026 21:58:38 UTC

Use after free in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.

CVE-2026-50363

Jul 16, 2026 21:58:38 UTC

Heap-based buffer overflow in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-50329

Jul 16, 2026 21:58:37 UTC

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50305

Jul 16, 2026 21:58:37 UTC

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2026-50372

Jul 16, 2026 21:58:36 UTC

Buffer over-read in Windows Redirected Drive Buffering allows an authorized attacker to elevate privileges locally.

CVE-2026-50332

Jul 16, 2026 21:58:36 UTC

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50302

Jul 16, 2026 21:58:35 UTC

Improper certificate validation in Windows Cryptographic Services allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-50364

Jul 16, 2026 21:58:35 UTC

Improper link resolution before file access ('link following') in Windows Server Backup allows an authorized attacker to elevate privileges locally.

CVE-2026-50303

Jul 16, 2026 21:58:34 UTC

Use of a cryptographic primitive with a risky implementation in Windows Key Guard allows an authorized attacker to bypass a security feature locally.

CVE-2026-50300

Jul 16, 2026 21:58:33 UTC

Integer underflow (wrap or wraparound) in Windows Kernel allows an authorized attacker to disclose information locally.

CVE-2026-50381

Jul 16, 2026 21:58:33 UTC

Access of resource using incompatible type ('type confusion') in Composite Image File System Driver allows an authorized attacker to disclose information locally.

CVE-2026-50350

Jul 16, 2026 21:58:32 UTC

Exposure of sensitive information to an unauthorized actor in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.

CVE-2026-50295

Jul 16, 2026 21:58:32 UTC

Improper privilege management in Microsoft Windows DNS allows an authorized attacker to bypass a security feature locally.