Common Vulnerabilities and Exposures (CVE)

CVE-2026-50678

Jul 14, 2026 17:07:27 UTC

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-50675

Jul 14, 2026 17:07:26 UTC

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-54108

Jul 14, 2026 17:07:25 UTC

External control of file name or path in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-50520

Jul 14, 2026 17:07:25 UTC

Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code allows an unauthorized attacker to execute code locally.

CVE-2026-55144

Jul 14, 2026 17:07:24 UTC

Missing cryptographic step in Windows CryptoAPI allows an authorized attacker to perform tampering locally.

CVE-2026-55002

Jul 14, 2026 17:07:24 UTC

External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally.

CVE-2026-54118

Jul 14, 2026 17:07:23 UTC

Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.

CVE-2026-54117

Jul 14, 2026 17:07:23 UTC

Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.

CVE-2026-55012

Jul 14, 2026 17:07:22 UTC

Integer overflow or wraparound in Microsoft Defender allows an unauthorized attacker to execute code locally.

CVE-2026-55011

Jul 14, 2026 17:07:21 UTC

Integer underflow (wrap or wraparound) in Microsoft Defender allows an unauthorized attacker to execute code locally.

CVE-2026-50338

Jul 14, 2026 17:07:20 UTC

Improper authentication in Azure Spring Apps allows an authorized attacker to elevate privileges over a network.

CVE-2026-54122

Jul 14, 2026 17:07:20 UTC

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally.

CVE-2026-54995

Jul 14, 2026 17:07:19 UTC

Use after free in Reliable Multicast Transport Driver (RMCAST) allows an unauthorized attacker to execute code over a network.

CVE-2026-55003

Jul 14, 2026 17:07:19 UTC

Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-54999

Jul 14, 2026 17:07:18 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over an adjacent network.