Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2008-4270 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5416. Reason: This candidate is a duplicate of CVE-2008-5416. Notes: All CVE users should reference CVE-2008-5416 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | 0.17% | 2008-12-30 | 2023-11-06 |
| CVE-2026-42991 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | 7.8 | 0.17% | 2026-06-09 | 2026-06-17 |
| CVE-2025-59261 | Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | 7.0 | 0.17% | 2025-10-14 | 2026-06-17 |
| CVE-2025-59193 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | 7.0 | 0.17% | 2025-10-14 | 2026-06-17 |
| CVE-2026-26167 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | 8.8 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-33100 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-33099 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-47648 | Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-06-17 |
| CVE-2026-45603 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-07-08 |
| CVE-2026-45601 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-07-08 |
| CVE-2026-45598 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-07-08 |
| CVE-2026-45596 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-06-17 |
| CVE-2026-32219 | Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-26168 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.8 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2026-27926 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-04-14 | 2026-06-17 |
| CVE-2025-49756 | Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally. | 3.3 | 0.18% | 2025-07-08 | 2026-06-17 |
| CVE-2026-42836 | Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2026-06-09 | 2026-06-17 |
| CVE-2025-59205 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2025-10-14 | 2026-06-17 |
| CVE-2025-58727 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2025-10-14 | 2026-06-17 |
| CVE-2025-49737 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally. | 7.0 | 0.18% | 2025-07-08 | 2026-06-17 |