TheWindowsUpdate.com

Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-45640 Windows Bluetooth Port Driver Elevation of Privilege Vulnerability→

Improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Live Share Canvas SDK allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2026-45644 Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability→

Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-45647 Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability→

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-45637 Microsoft DWM Core Library Elevation of Privilege Vulnerability→

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-45653 Windows Kernel Elevation of Privilege Vulnerability→

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-45638 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability→

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-44819 Microsoft Office Remote Code Execution Vulnerability→

No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network. Continue reading CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability→