CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 1720 results
«« First « Prev Page 1 / 86 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-57092 Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network. 9.9 0.99% 2026-07-14 2026-07-17
CVE-2026-56190 Use of uninitialized resource in Windows RDP allows an unauthorized attacker to execute code over a network. 9.8 0.93% 2026-07-14 2026-07-15
CVE-2026-56188 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Network driver allows an unauthorized attacker to execute code over a network. 9.8 1.00% 2026-07-14 2026-07-14
CVE-2026-56159 Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network. 9.8 0.85% 2026-07-14 2026-07-15
CVE-2026-55944 Deserialization of untrusted data in Microsoft Dynamics NAV allows an unauthorized attacker to execute code over a network. 9.8 1.31% 2026-07-14 2026-07-14
CVE-2026-55040 Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network. 9.1 0.68% 2026-07-14 2026-07-15
CVE-2026-55010 Heap-based buffer overflow in Minecraft Bedrock Dedicated Server allows an unauthorized attacker to execute code over a network. 9.8 0.76% 2026-07-14 2026-07-14
CVE-2026-50518 Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network. 9.8 7.36% 2026-07-14 2026-07-15
CVE-2026-50447 Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over a network. 9.8 0.93% 2026-07-14 2026-07-15
CVE-2026-50380 Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. 9.6 0.62% 2026-07-14 2026-07-15
CVE-2026-58644 KEV Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network. 9.8 1.47% 2026-07-14 2026-07-17
CVE-2026-55008 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. 9.6 0.73% 2026-07-14 2026-07-15
CVE-2026-54990 Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. 9.8 0.67% 2026-07-14 2026-07-15
CVE-2026-50522 Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network. 9.8 20.35% 2026-07-14 2026-07-15
CVE-2026-49798 Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally. 9.3 2.29% 2026-07-14 2026-07-16
CVE-2026-49172 Heap-based buffer overflow in Windows FTP Service allows an unauthorized attacker to execute code over a network. 9.8 0.67% 2026-07-14 2026-07-14
CVE-2026-48561 Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to execute code over a network. 9.6 0.75% 2026-07-14 2026-07-16
CVE-2026-42990 Heap-based buffer overflow in SQL Server ODBC driver allows an unauthorized attacker to execute code over a network. 9.8 0.67% 2026-07-14 2026-07-16
CVE-2026-47646 Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network. 9.3 0.27% 2026-07-08 2026-07-09
CVE-2026-58289 Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. 9.0 0.44% 2026-07-03 2026-07-07
«« First « Prev Page 1 / 86 Next »
cvelogic Threat Intelligence