Month: January 2026

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20820 Windows Common Log File System Driver Elevation of Privilege Vulnerability→

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20938 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability→

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally. Continue reading CVE-2026-20819 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows SMB Server allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2026-20926 Windows SMB Server Elevation of Privilege Vulnerability→

Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally. Continue reading CVE-2026-20818 Windows Kernel Information Disclosure Vulnerability→

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. Continue reading CVE-2026-20922 Windows NTFS Remote Code Execution Vulnerability→

Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20817 Windows Error Reporting Service Elevation of Privilege Vulnerability→

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-20950 Microsoft Excel Remote Code Execution Vulnerability→