🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-24291 | High | 7.8 |
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an a…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26108 | High | 7.8 |
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-24287 | High | 7.8 |
External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-23672 | High | 7.8 |
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-24290 | High | 7.8 |
Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-23665 | High | 7.8 |
Heap-based buffer overflow in Azure Linux Virtual Machines allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25175 | High | 7.8 |
Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25174 | High | 7.8 |
Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25176 | High | 7.8 |
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privil…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-23660 | High | 7.8 |
Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25189 | High | 7.8 |
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25187 | High | 7.8 |
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate priv…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-25190 | High | 7.8 |
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26112 | High | 7.8 |
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26107 | High | 7.8 |
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26141 | High | 7.8 |
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26134 | High | 7.8 |
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26132 | High | 7.8 |
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26117 | High | 7.8 |
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized att…
|
✅ Patch | Mar 10, 2026 |
| CVE-2026-26131 | High | 7.8 |
Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
|
✅ Patch | Mar 10, 2026 |