exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 331 614

CVE-2026-20943

27 дней назад

Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.

CVSS3: 7

EPSS: Низкий

CVE-2026-20941

27 дней назад

Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20940

27 дней назад

Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20939

27 дней назад

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVSS3: 5.5

EPSS: Низкий

CVE-2026-20938

27 дней назад

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20937

27 дней назад

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVSS3: 5.5

EPSS: Низкий

CVE-2026-20936

27 дней назад

Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.

CVSS3: 4.3

EPSS: Низкий

CVE-2026-20935

27 дней назад

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.

CVSS3: 6.2

EPSS: Низкий

CVE-2026-20934

27 дней назад

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVSS3: 7.5

EPSS: Низкий

CVE-2026-20932

27 дней назад

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVSS3: 5.5

EPSS: Низкий

CVE-2026-20931

27 дней назад

External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.

CVSS3: 8

EPSS: Низкий

CVE-2026-20929

27 дней назад

Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.

CVSS3: 7.5

EPSS: Низкий

CVE-2026-20927

27 дней назад

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.

CVSS3: 5.3

EPSS: Низкий

CVE-2026-20926

27 дней назад

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVSS3: 7.5

EPSS: Низкий

CVE-2026-20925

27 дней назад

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVSS3: 6.5

EPSS: Низкий

CVE-2026-20924

27 дней назад

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20923

27 дней назад

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20922

27 дней назад

Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVSS3: 7.8

EPSS: Низкий

CVE-2026-20921

27 дней назад

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVSS3: 7.5

EPSS: Низкий

CVE-2026-20920

27 дней назад

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVSS3: 7.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-20943 Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.	CVSS3: 7	0% Низкий	27 дней назад
CVE-2026-20941 Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20940 Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20939 Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.	CVSS3: 5.5	0% Низкий	27 дней назад
CVE-2026-20938 Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20937 Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.	CVSS3: 5.5	0% Низкий	27 дней назад
CVE-2026-20936 Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.	CVSS3: 4.3	0% Низкий	27 дней назад
CVE-2026-20935 Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.	CVSS3: 6.2	0% Низкий	27 дней назад
CVE-2026-20934 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.	CVSS3: 7.5	0% Низкий	27 дней назад
CVE-2026-20932 Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.	CVSS3: 5.5	0% Низкий	27 дней назад
CVE-2026-20931 External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.	CVSS3: 8	1% Низкий	27 дней назад
CVE-2026-20929 Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.	CVSS3: 7.5	0% Низкий	27 дней назад
CVE-2026-20927 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.	CVSS3: 5.3	0% Низкий	27 дней назад
CVE-2026-20926 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.	CVSS3: 7.5	0% Низкий	27 дней назад
CVE-2026-20925 External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.	CVSS3: 6.5	0% Низкий	27 дней назад
CVE-2026-20924 Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20923 Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20922 Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.	CVSS3: 7.8	0% Низкий	27 дней назад
CVE-2026-20921 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.	CVSS3: 7.5	0% Низкий	27 дней назад
CVE-2026-20920 Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.	CVSS3: 7.8	0% Низкий	27 дней назад

Уязвимостей на страницу