Common Vulnerabilities and Exposures (CVE)

CVE-2025-62206

Feb 13, 2026 20:45:52 UTC

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.

CVE-2025-62199

Feb 13, 2026 20:45:52 UTC

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-60728

Feb 13, 2026 20:45:51 UTC

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVE-2025-60727

Feb 13, 2026 20:45:51 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-60726

Feb 13, 2026 20:45:50 UTC

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2025-60709

Feb 13, 2026 20:45:50 UTC

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-60708

Feb 13, 2026 20:45:49 UTC

Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.

CVE-2025-60707

Feb 13, 2026 20:45:48 UTC

Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.

CVE-2025-60706

Feb 13, 2026 20:45:48 UTC

Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally.

CVE-2025-60705

Feb 13, 2026 20:45:47 UTC

Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

CVE-2025-60704

Feb 13, 2026 20:45:46 UTC

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-60703

Feb 13, 2026 20:45:46 UTC

Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

CVE-2025-59513

Feb 13, 2026 20:45:45 UTC

Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.

CVE-2025-59512

Feb 13, 2026 20:45:45 UTC

Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally.

CVE-2025-59511

Feb 13, 2026 20:45:44 UTC

External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.