January 2026 – Page 11 – TheWindowsUpdate.com

CVE-2026-20851 Capability Access Management Service (camsvc) Information Disclosure Vulnerability

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally. Continue reading CVE-2026-20851 Capability Access Management Service (camsvc) Information Disclosure Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-21224 Azure Connected Machine Agent Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network. Continue reading CVE-2026-20847 Microsoft Windows File Explorer Spoofing Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20830 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Microsoft is aware of vulnerabilities in the third party Agere Soft Modem drivers that ship natively with supported Windows operating systems. This is an announcement of the removal of agrsm64.sys and agrsm.sys drivers. The drivers have been removed in… Continue reading CVE-2023-31096 MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. Continue reading CVE-2026-20959 Microsoft SharePoint Server Spoofing Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally. Continue reading CVE-2026-20844 Windows Clipboard Server Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-20955 Microsoft Excel Remote Code Execution Vulnerability→