Month: April 2026

Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27917 Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-32158 Windows Push Notifications Elevation of Privilege Vulnerability→

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27915 Windows UPnP Device Host Elevation of Privilege Vulnerability→

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-32156 Windows UPnP Device Host Remote Code Execution Vulnerability→

Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27908 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability→

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-32152 Desktop Window Manager Elevation of Privilege Vulnerability→

Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-27907 Windows Storage Spaces Controller Elevation of Privilege Vulnerability→

[CVE-2026-32631](https://www.cve.org/CVERecord?id=CVE-2026-32631) is regarding a vulnerability where it is possible to obtain a user’s NTLM hash by tricking them into cloning a malicious repository, or checking out a malicious branch that accesses an a… Continue reading CVE-2026-32631 GitHub: CVE-2026-32631 ‘git clone’ from manipulated repositories can leak NTLM hashes→