Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (7280 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-27911 1 Microsoft 24 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 21 more 2026-04-17 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-27909 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-04-17 7.8 High
Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
CVE-2026-26182 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-04-17 7 High
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-26177 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-04-17 7 High
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-26173 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-04-17 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-26172 1 Microsoft 18 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 15 more 2026-04-17 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-26168 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-04-17 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-23657 1 Microsoft 3 365 Apps, Microsoft 365 Apps For Enterprise, Office 2024 2026-04-17 7.8 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-33095 1 Microsoft 5 365 Apps, Office 2021, Office 2024 and 2 more 2026-04-17 7.8 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-32189 1 Microsoft 9 365 Apps, Excel 2016, Microsoft 365 Apps For Enterprise and 6 more 2026-04-17 7.8 High
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-32165 1 Microsoft 21 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 18 more 2026-04-17 7.8 High
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-32159 1 Microsoft 21 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 18 more 2026-04-17 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32158 1 Microsoft 21 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 18 more 2026-04-17 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32157 1 Microsoft 31 Remote Desktop, Windows 10 1607, Windows 10 1809 and 28 more 2026-04-17 8.8 High
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-32156 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-04-17 7.4 High
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.
CVE-2026-32154 1 Microsoft 24 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 21 more 2026-04-17 7.8 High
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32152 1 Microsoft 14 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 11 more 2026-04-17 7.8 High
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32090 1 Microsoft 24 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 21 more 2026-04-17 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.
CVE-2026-32089 1 Microsoft 24 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 21 more 2026-04-17 7.8 High
Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.
CVE-2026-32075 1 Microsoft 29 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 26 more 2026-04-17 7 High
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.