Month: April 2026

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27924 Desktop Window Manager Elevation of Privilege Vulnerability→

Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally. Continue reading CVE-2026-32181 Connected User Experiences and Telemetry Service Denial of Service Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows TCP/IP allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27921 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability→

Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-32168 Azure Monitor Agent Elevation of Privilege Vulnerability→

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27919 Windows UPnP Device Host Elevation of Privilege Vulnerability→

Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-32165 Windows User Interface Core Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Shell allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27918 Windows Shell Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-32160 Windows Push Notifications Elevation of Privilege Vulnerability→