Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-58527 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally. | 7.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-58277 | Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. | 8.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57982 | Use of uninitialized resource in Windows RDP allows an authorized attacker to disclose information over a network. | 6.5 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57973 | Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally. | 6.3 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57968 | Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. | 7.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57108 | Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network. | 7.5 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57102 | Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network. | 8.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57101 | Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. | 7.1 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57096 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. | 7.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57095 | Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an unauthorized attacker to elevate privileges locally. | 6.2 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57094 | Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network. | 8.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57093 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | 7.0 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57092 | Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network. | 9.9 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57091 | Stack-based buffer overflow in Windows File History Service allows an authorized attacker to elevate privileges locally. | 7.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57090 | Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network. | 8.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57089 | Use after free in Windows SMB Server Network Transport Driver (srvnet.sys) allows an unauthorized attacker to execute code over a network. | 7.5 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57088 | Improper access control in Extensible Storage Engine (ESENT) allows an authorized attacker to elevate privileges locally. | 7.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57087 | Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network. | 8.8 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57085 | Out-of-bounds read in Windows Print Spooler Components allows an authorized attacker to disclose information locally. | 5.5 | N/A | 2026-07-14 | 2026-07-14 |
| CVE-2026-57084 | Use of uninitialized resource in Windows File Explorer allows an unauthorized attacker to disclose information locally. | 5.5 | N/A | 2026-07-14 | 2026-07-14 |