HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2026-26171

Apr 30, 2026 14:42:30 UTC

Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network.

CVE-2026-32201

Apr 30, 2026 14:42:30 UTC

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-32200

Apr 30, 2026 14:42:29 UTC

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2026-32199

Apr 30, 2026 14:42:28 UTC

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32198

Apr 30, 2026 14:42:28 UTC

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32197

Apr 30, 2026 14:42:26 UTC

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-32196

Apr 30, 2026 14:42:25 UTC

Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-32190

Apr 30, 2026 14:42:25 UTC

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-32176

Apr 30, 2026 14:42:24 UTC

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

CVE-2026-32171

Apr 30, 2026 14:42:23 UTC

Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

CVE-2026-32164

Apr 30, 2026 14:42:22 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

CVE-2026-32163

Apr 30, 2026 14:42:22 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

CVE-2026-32162

Apr 30, 2026 14:42:21 UTC

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

CVE-2026-32155

Apr 30, 2026 14:42:20 UTC

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-32153

Apr 30, 2026 14:42:20 UTC

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.

Page: 37