Common Vulnerabilities and Exposures (CVE)

CVE-2026-44824

Jul 1, 2026 20:13:31 UTC

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-44823

Jul 1, 2026 20:13:30 UTC

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-44821

Jul 1, 2026 20:13:30 UTC

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-44820

Jul 1, 2026 20:13:29 UTC

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-44819

Jul 1, 2026 20:13:28 UTC

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-44818

Jul 1, 2026 20:13:28 UTC

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-44817

Jul 1, 2026 20:13:27 UTC

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-42902

Jul 1, 2026 20:13:27 UTC

Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally.

CVE-2026-34335

Jul 1, 2026 20:13:25 UTC

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-33828

Jul 1, 2026 20:13:25 UTC

Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally.

CVE-2026-40404

Jul 1, 2026 20:13:24 UTC

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

CVE-2026-40409

Jul 1, 2026 20:13:23 UTC

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

CVE-2026-48584

Jul 1, 2026 20:13:23 UTC

Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.

CVE-2026-47647

Jul 1, 2026 20:13:22 UTC

Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.

CVE-2026-54130

Jul 1, 2026 20:13:22 UTC

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.