| | CVE-2026-21511 |  Microsoft | high | 7.5 | 0.2%
| | Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to per… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21516 | Microsoft | high | 8.8 | 0.0%
| | Improper neutralization of special elements used in a command ('command injection') in Github Copilo… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21525 | Microsoft | medium | 6.2 | 3.7%
| ⚠ KEV | Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21514 | Microsoft | high | 7.8 | 4.9%
| ⚠ KEV | Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized … | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21529 | Microsoft | medium | 5.7 | 0.0%
| | Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsi… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21537 | Microsoft | high | 8.8 | 0.1%
| | Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an … | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21510 | Microsoft | high | 8.8 | 4.2%
| ⚠ KEV | Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security f… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21531 | Microsoft | critical | 9.8 | 0.3%
| | Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over … | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21528 | Microsoft | medium | 6.5 | 0.1%
| | Binding to an unrestricted ip address in Azure IoT Explorer allows an unauthorized attacker to discl… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21527 | Microsoft | medium | 6.5 | 0.1%
| | User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21522 | Microsoft | medium | 6.7 | 0.0%
| | Improper neutralization of special elements used in a command ('command injection') in Azure Compute… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21513 | Microsoft | high | 8.8 | 5.2%
| ⚠ KEV | Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a securit… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21533 | Microsoft | high | 7.8 | 3.1%
| ⚠ KEV | Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate pri… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21229 | Microsoft | high | 8.0 | 0.1%
| | Improper input validation in Power BI allows an authorized attacker to execute code over a network. | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21523 | Microsoft | high | 8.0 | 0.0%
| | Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an auth… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-23655 | Microsoft | medium | 6.5 | 0.1%
| | Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21218 | Microsoft | high | 7.5 | 0.0%
| | Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoo… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21236 | Microsoft | high | 7.8 | 0.0%
| | Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized att… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21234 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Windo… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21235 | Microsoft | high | 7.3 | 0.0%
| | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges l… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21242 | Microsoft | high | 7.0 | 0.0%
| | Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges lo… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21246 | Microsoft | high | 7.8 | 0.0%
| | Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate … | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21247 | Microsoft | high | 7.3 | 0.0%
| | Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21248 | Microsoft | high | 7.3 | 0.0%
| | Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21260 | Microsoft | high | 7.5 | 0.0%
| | Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an una… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21258 | Microsoft | medium | 5.5 | 0.0%
| | Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose info… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21259 | Microsoft | high | 7.8 | 0.0%
| | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate priv… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21512 | Microsoft | medium | 6.5 | 0.1%
| | Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform s… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21517 | Microsoft | medium | 4.7 | 0.0%
| | Improper link resolution before file access ('link following') in Windows App for Mac allows an auth… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21518 | Microsoft | high | 8.8 | 0.0%
| | Improper neutralization of special elements used in a command ('command injection') in GitHub Copilo… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-21519 | Microsoft | high | 7.8 | 3.6%
| ⚠ KEV | Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an au… | Feb 10, 2026 | Mar 13, 2026 |
| | CVE-2026-25646 |  Red Hat | high | 7.0 | 0.1%
| ✓ Fix | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2025-35998 | Red Hat | high | 7.9 | 0.0%
| | Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technolog… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2025-31648 | Red Hat | low | 2.5 | 0.0%
| | Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an es… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-22153 |  Fortinet | high | 8.1 | 0.1%
| | An Authentication Bypass by Primary Weakness vulnerability [CWE-305] vulnerability in Fortinet Forti… | Feb 10, 2026 | Feb 12, 2026 |
| | CVE-2026-21743 | Fortinet | high | 7.2 | 0.0%
| | A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthe… | Feb 10, 2026 | Feb 12, 2026 |
| | CVE-2025-68686 | Fortinet | medium | 5.9 | 0.0%
| | An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] vulnerability … | Feb 10, 2026 | Feb 12, 2026 |
| | CVE-2025-62676 | Fortinet | high | 7.1 | 0.0%
| | An Improper Link Resolution Before File Access ('Link Following') vulnerability [CWE-59] vulnerabili… | Feb 10, 2026 | Feb 12, 2026 |
| | CVE-2025-52436 | Fortinet | high | 8.8 | 0.2%
| | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit… | Feb 10, 2026 | Feb 18, 2026 |
| | CVE-2025-62439 | Fortinet | low | 3.8 | 0.0%
| | An Improper Verification of Source of a Communication Channel vulnerability [CWE-940] vulnerability … | Feb 10, 2026 | May 12, 2026 |
| | CVE-2025-64157 | Fortinet | medium | 6.7 | 0.0%
| | A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, … | Feb 10, 2026 | May 12, 2026 |
| | CVE-2025-55018 | Fortinet | medium | 5.2 | 0.1%
| | An inconsistent interpretation of http requests ('http request smuggling') vulnerability in Fortinet… | Feb 10, 2026 | May 12, 2026 |
| | CVE-2026-23901 | Red Hat | low | 2.9 | 0.0%
| | Observable Timing Discrepancy vulnerability in Apache Shiro.
This issue affects Apache Shiro: from 1… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2272 | Red Hat | medium | 4.3 | — | | No description is available for this CVE. | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2271 | Red Hat | medium | 3.3 | — | | No description is available for this CVE. | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2319 | Red Hat | medium | 6.5 | 0.0%
| | Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a u… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2320 | Red Hat | medium | 6.5 | 0.0%
| | Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote … | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2322 | Red Hat | low | 4.3 | 0.0%
| | Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote … | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2318 | Red Hat | medium | 6.5 | 0.0%
| | Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a r… | Feb 10, 2026 | Feb 10, 2026 |
| | CVE-2026-2323 | Red Hat | low | 4.3 | 0.0%
| | Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote a… | Feb 10, 2026 | Feb 10, 2026 |