| | CVE-2026-33826 |  Microsoft | high | 8.0 | 0.4%
| | Improper input validation in Windows Active Directory allows an authorized attacker to execute code … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-33825 | Microsoft | high | 7.8 | 3.8%
| ⚠ KEV | Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to el… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-33098 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elev… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-33096 | Microsoft | high | 7.5 | 0.2%
| | Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a networ… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32224 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Server Update Service allows an authorized attacker to elevate privileges … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32223 | Microsoft | medium | 6.8 | 0.1%
| | Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate pr… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32222 | Microsoft | high | 7.8 | 0.0%
| | Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate pri… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32221 | Microsoft | high | 8.4 | 0.1%
| | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execut… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32220 | Microsoft | medium | 4.4 | 0.1%
| | Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32219 | Microsoft | high | 7.0 | 0.0%
| | Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges l… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32218 | Microsoft | medium | 5.5 | 0.1%
| | Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32217 | Microsoft | medium | 5.5 | 0.1%
| | Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32216 | Microsoft | medium | 5.5 | 0.0%
| | Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32215 | Microsoft | medium | 5.5 | 0.1%
| | Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32202 | Microsoft | medium | 4.3 | 0.1%
| ⚠ KEV | Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing ov… | Apr 14, 2026 | Apr 29, 2026 |
| | CVE-2026-32195 | Microsoft | high | 7.0 | 0.0%
| | Stack-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges lo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32183 | Microsoft | high | 7.8 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in Windows Snipp… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32181 | Microsoft | medium | 5.5 | 0.0%
| | Improper privilege management in Microsoft Windows allows an authorized attacker to deny service loc… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32165 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges lo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-0390 | Microsoft | medium | 6.7 | 0.1%
| | Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized atta… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32160 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32159 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32158 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32156 | Microsoft | high | 7.4 | 0.1%
| | Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32154 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32152 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32093 | Microsoft | high | 7.0 | 0.1%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Funct… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32090 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32089 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges lo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32087 | Microsoft | high | 7.0 | 0.0%
| | Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker t… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32085 | Microsoft | medium | 5.5 | 0.0%
| | Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows a… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32083 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32082 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32081 | Microsoft | medium | 5.5 | 0.0%
| | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an author… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32075 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker t… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32073 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-32071 | Microsoft | high | 7.5 | 0.1%
| | Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an una… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27931 | Microsoft | medium | 5.5 | 0.0%
| | Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally. | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27929 | Microsoft | high | 7.0 | 0.0%
| | Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27927 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27926 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27924 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27921 | Microsoft | high | 7.0 | 0.1%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27919 | Microsoft | high | 7.8 | 0.0%
| | Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an author… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27918 | Microsoft | high | 7.8 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27917 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized atta… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27915 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker t… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27908 | Microsoft | high | 7.0 | 0.1%
| | Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate … | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27907 | Microsoft | high | 7.8 | 0.1%
| | Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized att… | Apr 14, 2026 | Apr 24, 2026 |
| | CVE-2026-27906 | Microsoft | medium | 4.4 | 0.1%
| | Improper input validation in Windows Hello allows an authorized attacker to bypass a security featur… | Apr 14, 2026 | Apr 24, 2026 |