CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 6180 of 13920 results
«« First « Prev Page 4 / 696 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-58527 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally. 7.8 N/A 2026-07-14 2026-07-14
CVE-2026-58277 Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. 8.8 N/A 2026-07-14 2026-07-14
CVE-2026-57982 Use of uninitialized resource in Windows RDP allows an authorized attacker to disclose information over a network. 6.5 N/A 2026-07-14 2026-07-14
CVE-2026-57973 Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally. 6.3 N/A 2026-07-14 2026-07-14
CVE-2026-57968 Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. 7.8 N/A 2026-07-14 2026-07-14
CVE-2026-57108 Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network. 7.5 N/A 2026-07-14 2026-07-14
CVE-2026-57102 Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network. 8.8 N/A 2026-07-14 2026-07-14
CVE-2026-57101 Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. 7.1 N/A 2026-07-14 2026-07-14
CVE-2026-57096 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. 7.8 N/A 2026-07-14 2026-07-14
CVE-2026-57095 Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an unauthorized attacker to elevate privileges locally. 6.2 N/A 2026-07-14 2026-07-14
CVE-2026-57094 Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network. 8.8 N/A 2026-07-14 2026-07-14
CVE-2026-57093 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. 7.0 N/A 2026-07-14 2026-07-14
CVE-2026-57092 Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network. 9.9 N/A 2026-07-14 2026-07-14
CVE-2026-57091 Stack-based buffer overflow in Windows File History Service allows an authorized attacker to elevate privileges locally. 7.8 N/A 2026-07-14 2026-07-14
CVE-2026-57090 Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network. 8.8 N/A 2026-07-14 2026-07-14
CVE-2026-57089 Use after free in Windows SMB Server Network Transport Driver (srvnet.sys) allows an unauthorized attacker to execute code over a network. 7.5 N/A 2026-07-14 2026-07-14
CVE-2026-57088 Improper access control in Extensible Storage Engine (ESENT) allows an authorized attacker to elevate privileges locally. 7.8 N/A 2026-07-14 2026-07-14
CVE-2026-57087 Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network. 8.8 N/A 2026-07-14 2026-07-14
CVE-2026-57085 Out-of-bounds read in Windows Print Spooler Components allows an authorized attacker to disclose information locally. 5.5 N/A 2026-07-14 2026-07-14
CVE-2026-57084 Use of uninitialized resource in Windows File Explorer allows an unauthorized attacker to disclose information locally. 5.5 N/A 2026-07-14 2026-07-14
«« First « Prev Page 4 / 696 Next »
cvelogic Threat Intelligence