HackTesting

Common Vulnerabilities and Exposures (CVE)

CVE-2026-32175

Jun 5, 2026 16:39:06 UTC

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. H...

CVE-2026-42831

Jun 5, 2026 16:39:05 UTC

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-32185

Jun 5, 2026 16:39:05 UTC

Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.

CVE-2026-32170

Jun 5, 2026 16:39:04 UTC

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.

CVE-2026-32161

Jun 5, 2026 16:39:03 UTC

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent network.

CVE-2026-41614

Jun 5, 2026 16:39:02 UTC

Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally.

CVE-2026-41612

Jun 5, 2026 16:39:02 UTC

Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally.

CVE-2026-41611

Jun 5, 2026 16:39:01 UTC

Improper neutralization of script-related html tags in a web page (basic xss) in Visual Studio Code allows an unauthorized attacker to execute code locally.

CVE-2026-41610

Jun 5, 2026 16:39:00 UTC

Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

CVE-2026-41109

Jun 5, 2026 16:39:00 UTC

Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-41102

Jun 5, 2026 16:38:59 UTC

Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally.

CVE-2026-41101

Jun 5, 2026 16:38:58 UTC

Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.

CVE-2026-41100

Jun 5, 2026 16:38:58 UTC

Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.

CVE-2026-41096

Jun 5, 2026 16:38:57 UTC

Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.

CVE-2026-41095

Jun 5, 2026 16:38:56 UTC

Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.

Page: 9