Common Vulnerabilities and Exposures (CVE)
CVE-2026-40403
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
CVE-2026-40402
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.
CVE-2026-40398
Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
CVE-2026-32209
Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-40382
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-40369
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-40370
External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.
CVE-2026-40367
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-40365
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-40362
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-40361
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-40359
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-40358
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.