| | CVE-2026-39809 |  Fortinet | medium | 6.7 | 0.0%
| | A improper neutralization of special elements used in an sql command ('sql injection') vulnerability… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39810 | Fortinet | medium | 6.0 | 0.0%
| | A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 m… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39811 | Fortinet | medium | 4.9 | 0.1%
| | A integer overflow or wraparound vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39812 | Fortinet | medium | 4.8 | 0.0%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39813 | Fortinet | critical | 9.8 | 0.1%
| | A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSand… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-39814 | Fortinet | medium | 6.7 | 0.0%
| | A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 thr… | Apr 14, 2026 | Apr 21, 2026 |
| | CVE-2026-39815 | Fortinet | high | 8.8 | 0.1%
| | A improper neutralization of special elements used in an sql command ('sql injection') vulnerability… | Apr 14, 2026 | Apr 20, 2026 |
| | CVE-2026-20930 |  Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-25184 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Applo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-23670 | Microsoft | medium | 5.7 | 0.1%
| | Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an autho… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26151 | Microsoft | high | 7.1 | 0.1%
| | Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized att… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26154 | Microsoft | high | 7.5 | 0.1%
| | Improper input validation in Windows Server Update Service allows an unauthorized attacker to perfor… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26155 | Microsoft | medium | 6.5 | 0.1%
| | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26160 | Microsoft | high | 7.8 | 0.0%
| | Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an a… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26161 | Microsoft | high | 7.8 | 0.1%
| | Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevat… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26162 | Microsoft | high | 7.8 | 0.1%
| | Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized at… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26165 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Shell allows an authorized attacker to elevate privileges locally. | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26166 | Microsoft | high | 7.0 | 0.0%
| | Double free in Windows Shell allows an authorized attacker to elevate privileges locally. | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26167 | Microsoft | high | 8.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26174 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26175 | Microsoft | medium | 4.6 | 0.2%
| | Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a se… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26179 | Microsoft | high | 7.8 | 0.1%
| | Double free in Windows Kernel allows an authorized attacker to elevate privileges locally. | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26180 | Microsoft | high | 7.8 | 0.0%
| | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges loc… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26181 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privilege… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-26183 | Microsoft | high | 7.8 | 0.0%
| | Improper access control in Windows RPC API allows an authorized attacker to elevate privileges local… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27906 | Microsoft | medium | 4.4 | 0.1%
| | Improper input validation in Windows Hello allows an authorized attacker to bypass a security featur… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27907 | Microsoft | high | 7.8 | 0.1%
| | Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized att… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27908 | Microsoft | high | 7.0 | 0.1%
| | Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27915 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker t… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27917 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized atta… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27918 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27919 | Microsoft | high | 7.8 | 0.0%
| | Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an author… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27921 | Microsoft | high | 7.0 | 0.1%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27924 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27926 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27927 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27929 | Microsoft | high | 7.0 | 0.0%
| | Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27931 | Microsoft | medium | 5.5 | 0.0%
| | Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally. | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32071 | Microsoft | high | 7.5 | 0.1%
| | Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an una… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32073 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32075 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker t… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32081 | Microsoft | medium | 5.5 | 0.0%
| | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an author… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32082 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32083 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32085 | Microsoft | medium | 5.5 | 0.0%
| | Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows a… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32087 | Microsoft | high | 7.0 | 0.0%
| | Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker t… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32089 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges lo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32090 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32093 | Microsoft | high | 7.0 | 0.1%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Funct… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32152 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally… | Apr 14, 2026 | Apr 24, 2026 |