TheWindowsUpdate.com

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-23668 Windows Graphics Component Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-23671 Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability→

Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. Continue reading CVE-2026-23669 Windows Print Spooler Remote Code Execution Vulnerability→

Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-23673 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability→

Information published. Continue reading CVE-2026-23672 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability→

Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2026-25185 Windows Shell Link Processing Spoofing Vulnerability→

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-25178 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability→

Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally. Continue reading CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability→