Month: April 2026

Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally. Continue reading CVE-2026-27931 Windows GDI Information Disclosure Vulnerability→

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. Continue reading CVE-2026-32215 Windows Kernel Information Disclosure Vulnerability→

Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27929 Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability→

Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-32195 Windows Kernel Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Projected File System allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27927 Windows Projected File System Elevation of Privilege Vulnerability→

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-32189 Microsoft Excel Remote Code Execution Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27926 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability→

Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-32184 Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability→