Common Vulnerabilities and Exposures (CVE)

CVE-2026-32212

Jun 1, 2026 19:12:46 UTC

Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.

CVE-2026-33826

Jun 1, 2026 19:12:45 UTC

Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.

CVE-2026-33825

Jun 1, 2026 19:12:45 UTC

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

CVE-2026-33822

Jun 1, 2026 19:12:44 UTC

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVE-2026-33120

Jun 1, 2026 19:12:44 UTC

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.

CVE-2026-33116

Jun 1, 2026 19:12:43 UTC

Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.

CVE-2026-33098

Jun 1, 2026 19:12:43 UTC

Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-33096

Jun 1, 2026 19:12:42 UTC

Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

CVE-2026-33095

Jun 1, 2026 19:12:41 UTC

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-32224

Jun 1, 2026 19:12:41 UTC

Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.

CVE-2026-32223

Jun 1, 2026 19:12:40 UTC

Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.

CVE-2026-32222

Jun 1, 2026 19:12:40 UTC

Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2026-32221

Jun 1, 2026 19:12:39 UTC

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.

CVE-2026-32220

Jun 1, 2026 19:12:39 UTC

Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

CVE-2026-32219

Jun 1, 2026 19:12:38 UTC

Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.