HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2025-53797

Feb 20, 2026 16:00:09 UTC

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-49734

Feb 20, 2026 15:59:59 UTC

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.

CVE-2025-10650

Feb 20, 2026 15:59:52 UTC

SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and int...

CVE-2025-65046

Feb 20, 2026 15:59:44 UTC

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2025-62221

Feb 20, 2026 15:59:44 UTC

Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-64677

Feb 20, 2026 15:59:43 UTC

Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-64675

Feb 20, 2026 15:59:42 UTC

Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-64676

Feb 20, 2026 15:59:42 UTC

'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.

CVE-2025-65037

Feb 20, 2026 15:59:41 UTC

Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.

CVE-2025-65041

Feb 20, 2026 15:59:41 UTC

Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-64663

Feb 20, 2026 15:59:40 UTC

Custom Question Answering Elevation of Privilege Vulnerability

CVE-2025-54100

Feb 20, 2026 15:59:40 UTC

Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.

CVE-2025-64680

Feb 20, 2026 15:59:39 UTC

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2025-64679

Feb 20, 2026 15:59:39 UTC

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2025-64678

Feb 20, 2026 15:59:38 UTC

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Page: 37