Author Archives: Syndicated News

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-23671 Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability→

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-26109 Microsoft Excel Remote Code Execution Vulnerability→

Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to execute code over a network. Continue reading CVE-2026-23654 GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability→

Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-25179 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability→

Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-25190 GDI Remote Code Execution Vulnerability→

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-26112 Microsoft Excel Remote Code Execution Vulnerability→

Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2026-23656 Windows App Installer Spoofing Vulnerability→

Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. Continue reading CVE-2026-25168 Windows Graphics Component Denial of Service Vulnerability→