Month: April 2025

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-26686 Windows TCP/IP Remote Code Execution Vulnerability→

Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. Continue reading CVE-2025-26651 Windows Local Session Manager (LSM) Denial of Service Vulnerability→

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. Continue reading CVE-2025-26680 Windows Standards-Based Storage Management Service Denial of Service Vulnerability→

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally. Continue reading CVE-2025-26644 Windows Hello Spoofing Vulnerability→

Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-26665 Windows upnphost.dll Elevation of Privilege Vulnerability→

Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. Continue reading CVE-2025-26666 Windows Media Remote Code Execution Vulnerability→

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Continue reading CVE-2025-26669 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability→

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-26668 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability→