🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-32195 | High | 7.0 |
Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
|
— | Apr 14, 2026 |
| CVE-2026-32224 | High | 7.0 |
Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
|
— | Apr 14, 2026 |
| CVE-2026-37980 | Medium | 6.9 |
A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with `manage-real…
|
— | Apr 14, 2026 |
| CVE-2026-32223 | Medium | 6.8 |
Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a phys…
|
— | Apr 14, 2026 |
| CVE-2026-0390 | Medium | 6.7 |
Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a sec…
|
— | Apr 14, 2026 |
| CVE-2026-32176 | Medium | 6.7 |
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized …
|
— | Apr 14, 2026 |
| CVE-2026-32167 | Medium | 6.7 |
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized …
|
— | Apr 14, 2026 |
| CVE-2026-2582 | Medium | 6.5 |
The The Germanized for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution via 'account_hold…
|
— | Apr 14, 2026 |
| CVE-2026-27679 | Medium | 6.5 |
Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker…
|
— | Apr 14, 2026 |
| CVE-2026-27678 | Medium | 6.5 |
Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Structures), an attacker …
|
— | Apr 14, 2026 |
| CVE-2026-34261 | Medium | 6.5 |
Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could m…
|
— | Apr 14, 2026 |
| CVE-2026-27677 | Medium | 6.5 |
Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), an attacker could upd…
|
— | Apr 14, 2026 |
| CVE-2026-34264 | Medium | 6.5 |
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due t…
|
— | Apr 14, 2026 |
| CVE-2026-26155 | Medium | 6.5 |
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
|
— | Apr 14, 2026 |
| CVE-2026-32151 | Medium | 6.5 |
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose in…
|
— | Apr 14, 2026 |
| CVE-2026-27925 | Medium | 6.5 |
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose informa…
|
— | Apr 14, 2026 |
| CVE-2026-32201 | Medium | 6.5 |
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a netw…
|
— | Apr 14, 2026 |
| CVE-2026-1607 | Medium | 6.4 |
The Surbma | Booking.com Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `s…
|
— | Apr 14, 2026 |
| CVE-2026-4059 | Medium | 6.4 |
The ShopLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the woolentor_quickview_button shor…
|
— | Apr 14, 2026 |
| CVE-2026-34626 | Medium | 6.3 |
Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Mo…
|
— | Apr 14, 2026 |