| | CVE-2026-25190 |  Microsoft | high | 7.8 | 0.1%
| | Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25189 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges local… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25188 | Microsoft | high | 8.8 | 0.1%
| | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate p… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25187 | Microsoft | high | 7.8 | 0.1%
| | Improper link resolution before file access ('link following') in Winlogon allows an authorized atta… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25186 | Microsoft | medium | 5.5 | 0.1%
| | Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25185 | Microsoft | medium | 5.3 | 0.1%
| | Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows a… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25181 | Microsoft | high | 7.5 | 0.1%
| | Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a ne… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25180 | Microsoft | medium | 5.5 | 0.0%
| | Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose infor… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25179 | Microsoft | high | 7.0 | 0.0%
| | Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allo… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25178 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25177 | Microsoft | high | 8.8 | 0.1%
| | Improper restriction of names for files and other resources in Active Directory Domain Services allo… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25176 | Microsoft | high | 7.8 | 0.0%
| | Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attack… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25175 | Microsoft | high | 7.8 | 0.0%
| | Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally. | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25174 | Microsoft | high | 7.8 | 0.0%
| | Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate pr… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25173 | Microsoft | high | 8.0 | 0.1%
| | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authori… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25172 | Microsoft | high | 8.0 | 0.1%
| | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authori… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25171 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25170 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25169 | Microsoft | medium | 6.2 | 0.0%
| | Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service local… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25168 | Microsoft | medium | 6.2 | 0.0%
| | Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny ser… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25167 | Microsoft | high | 7.4 | 0.0%
| | Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privile… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25166 | Microsoft | high | 7.8 | 0.5%
| | Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to e… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25165 | Microsoft | high | 7.8 | 0.0%
| | Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate pr… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24297 | Microsoft | medium | 6.5 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24296 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24295 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24294 | Microsoft | high | 7.8 | 0.1%
| | Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges lo… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24293 | Microsoft | high | 7.8 | 0.0%
| | Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attac… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24292 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to eleva… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24291 | Microsoft | high | 7.8 | 0.1%
| | Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBro… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24290 | Microsoft | high | 7.8 | 0.0%
| | Improper access control in Windows Projected File System allows an authorized attacker to elevate pr… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24289 | Microsoft | high | 7.8 | 0.1%
| | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24288 | Microsoft | medium | 6.8 | 0.1%
| | Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute co… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24287 | Microsoft | high | 7.8 | 0.1%
| | External control of file name or path in Windows Kernel allows an authorized attacker to elevate pri… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24285 | Microsoft | high | 7.0 | 0.1%
| | Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24283 | Microsoft | high | 8.8 | 0.0%
| | Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privilege… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-24282 | Microsoft | medium | 5.5 | 0.0%
| | Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose informa… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-23673 | Microsoft | high | 7.8 | 0.1%
| | Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate … | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-23672 | Microsoft | high | 7.8 | 0.0%
| | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-23671 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-23669 | Microsoft | high | 8.8 | 0.1%
| | Use after free in Windows Print Spooler Components allows an authorized attacker to execute code ove… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-23668 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Micro… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-23667 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-23664 | Microsoft | high | 7.5 | 0.1%
| | Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an … | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21262 | Microsoft | high | 8.8 | 0.1%
| | Improper access control in SQL Server allows an authorized attacker to elevate privileges over a net… | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-22572 |  Fortinet | medium | 6.8 | 0.1%
| | An authentication bypass using an alternate path or channel vulnerability in Fortinet FortiAnalyzer … | Mar 10, 2026 | Mar 13, 2026 |
| | CVE-2026-30942 |  Red Hat | high | 6.5 | 0.1%
| | A flaw was found in Flare, a file sharing platform. An authenticated path traversal vulnerability ex… | Mar 10, 2026 | Mar 10, 2026 |
| | CVE-2026-2742 | Red Hat | medium | 6.3 | 0.3%
| | An authentication bypass vulnerability exists in Vaadin 14.0.0 through 14.14.0, 23.0.0 through 23.6.… | Mar 10, 2026 | Mar 10, 2026 |
| | CVE-2026-2741 | Red Hat | low | 2.6 | 0.1%
| | Specially crafted ZIP archives can escape the intended extraction directory during Node.js download … | Mar 10, 2026 | Mar 10, 2026 |
| | CVE-2026-23907 | Red Hat | medium | 5.4 | 0.0%
| | A Path Traversal flaw was found in the `ExtractEmbeddedFiles` example within Apache PDFBox. An attac… | Mar 10, 2026 | Mar 10, 2026 |