Common Vulnerabilities and Exposures (CVE)

CVE-2026-21248

Apr 10, 2026 13:21:06 UTC

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

CVE-2025-58913

Apr 10, 2026 13:21:05 UTC

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CactusThemes VideoPro allows PHP Local File Inclusion.This issue affects VideoPro: from n/a through 2.3.8.1.

CVE-2026-21260

Apr 10, 2026 13:21:05 UTC

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-21258

Apr 10, 2026 13:21:04 UTC

Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-21259

Apr 10, 2026 13:21:03 UTC

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

CVE-2026-21512

Apr 10, 2026 13:21:02 UTC

Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network.

CVE-2026-21517

Apr 10, 2026 13:21:01 UTC

Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally.

CVE-2026-21519

Apr 10, 2026 13:21:00 UTC

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

CVE-2025-5804

Apr 10, 2026 13:19:43 UTC

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Case Themes Case Theme User allows PHP Local File Inclusion.This issue affects Case Theme User: from n/a before 1.0.4.

CVE-2025-7779

Apr 10, 2026 13:17:25 UTC

Local privilege escalation due to insecure XPC service configuration. The following products are affected: Acronis True Image (macOS) before build 42389, Acronis True Image for SanDisk (macOS) before build 42198, Acronis True Image for West...

CVE-2024-34013

Apr 10, 2026 13:17:05 UTC

Local privilege escalation due to OS command injection vulnerability. The following products are affected: Acronis True Image (macOS) before build 41396, Acronis True Image OEM (macOS) before build 42571.

CVE-2024-34010

Apr 10, 2026 13:16:47 UTC

Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True I...

CVE-2025-11178

Apr 10, 2026 13:16:25 UTC

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image (Windows) before build 42386, Acronis True Image for Western Digital (Windows) before build 42636, Acronis True Image for...

CVE-2023-44208

Apr 10, 2026 13:16:07 UTC

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.

CVE-2023-48677

Apr 10, 2026 13:15:52 UTC

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cybe...