CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-45653
High

A heap-based buffer overflow in the Windows kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-45649
High

Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally.

CVE-2026-45648
High

Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network.

CVE-2026-45645
High

A vulnerability in Microsoft Office allows an unauthorized attacker to execute code locally via an untrusted pointer dereference. The issue stems from improper pointer validation in memory.

CVE-2026-45644
High

The Microsoft Live Share Canvas SDK has improper neutralization of input during web page generation, leading to a cross-site scripting vulnerability. An authorized attacker can exploit this flaw to elevate their privileges over a network.

CVE-2026-45643
High

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-45641
High

A type confusion vulnerability in Windows Hyper-V allows an unauthorized attacker to execute code locally. The flaw arises from accessing a resource using an incompatible type.

CVE-2026-45640
High

Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-45639
High

An out-of-bounds read vulnerability in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-45638
High

A heap-based buffer overflow in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-45637
High

A use after free vulnerability in the Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2026-45636
High

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-45635
High

A type confusion vulnerability in the upnp.dll library allows an unauthorized attacker to execute code remotely over the network. The issue affects the Universal Plug and Play (UPnP) component.

CVE-2026-45607
High

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

CVE-2026-45605
High

A use after free vulnerability in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVE-2026-45603
High

A race condition vulnerability exists in the Windows Ancillary Function Driver for WinSock due to improper synchronization of shared resources. This flaw allows an authorized attacker to locally elevate privileges.

CVE-2026-45601
High

A race condition in the Windows Ancillary Function Driver for WinSock (AFD.sys) allows an authorized attacker to elevate privileges locally. The vulnerability stems from improper synchronization when accessing shared resources concurrently.

CVE-2026-45600
High

In Windows, a vulnerability in kernel-mode drivers allows access to resources using an incompatible type ('type confusion'). This enables an authorized attacker to elevate privileges locally.

CVE-2026-45599
High

The 'Use after free' vulnerability in the upnp.dll library of Universal Plug and Play allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-45598
High

A race condition in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally due to improper synchronization of shared resources.

PreviousPage 167 of 3362Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS