Month: April 2026

Double free in Windows Kernel allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-26179 Windows Kernel Elevation of Privilege Vulnerability→

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. Continue reading CVE-2026-32218 Windows Kernel Information Disclosure Vulnerability→

Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack. Continue reading CVE-2026-26175 Windows Boot Manager Security Feature Bypass Vulnerability→

Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2026-32202 Windows Shell Spoofing Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Server Update Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-26174 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability→

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. Continue reading CVE-2026-32188 Microsoft Excel Information Disclosure Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-26167 Windows Push Notifications Elevation of Privilege Vulnerability→

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2026-32178 .NET Spoofing Vulnerability→