Descripción
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, perform cross-site scripting attack, bypass security restrictions, cause denial of service, obtain sensitive information, execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
- Cross-site scripting (XSS) vulnerability can be exploited to perform cross-site scripting attack.
- An elevation of privilege vulnerability in Windows Device Health Attestation (DHA) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Universal Disk Format File System Driver (UDFS) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft Kinect can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows DNS Client can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Projected File System can be exploited remotely to gain privileges.
- Security vulnerability can be exploited to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Function Discovery Service (fdwsd.dll) can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Kerberos can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows TCP/IP can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Shell can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Remote Desktop Protocol (RDP) can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Hotpatch Monitoring Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Telephony Service can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows TCP/IP can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in NT OS Kernel can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Telephony Server can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Push Notification can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Hyper-V can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Performance Monitor can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Push Notifications can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft Graphics Component can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Winlogon can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Network Controller (NC) Host Agent can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft Cryptographic Services can be exploited remotely to gain privileges.
- A remote code execution vulnerability in DHCP Client Service can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Program Compatibility Assistant Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Collaborative Translation Framework (CTFMON) can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Secure Boot can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Internet (wininet.dll) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows SDK can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Application Identity (AppID) can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows UI Automation Manager (uiamanager.dll) can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows UPnP Device Host can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
- A tampering vulnerability in Windows Dynamic Host Configuration Protocol (DHCP) can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Windows Managed Installer can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Bluetooth Service can be exploited remotely to gain privileges.
- A denial of service vulnerability in Microsoft UxTheme Library (uxtheme.dll) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows DHCP Client can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Microsoft DWM Core Library can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Bluetooth Port Driver can be exploited remotely to gain privileges.
- A spoofing vulnerability in Microsoft Azure Attestation service and Device Health Attestation Service can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Windows Active Directory Domain Services can be exploited remotely to execute arbitrary code.
- A security feature bypass vulnerability in Windows BitLocker can be exploited remotely to bypass security restrictions.
- A security feature bypass vulnerability in UEFI Secure Boot can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Windows Kernel can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in HTTP.sys can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Storage can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Boot Manager can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Narrator Braille can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
- A security feature bypass vulnerability in Secure Boot can be exploited remotely to gain privileges.
- A denial of service vulnerability in HTTP.sys can be exploited remotely to cause denial of service.
- A spoofing vulnerability in Windows NTLM can be exploited remotely to spoof user interface.
Notas informativas originales
- CVE-2026-33828
- CVE-2026-34335
- CVE-2026-40404
- CVE-2026-40409
- CVE-2026-41092
- CVE-2026-41108
- CVE-2026-42828
- CVE-2026-42829
- CVE-2026-42836
- CVE-2026-42837
- CVE-2026-42903
- CVE-2026-42904
- CVE-2026-42905
- CVE-2026-42906
- CVE-2026-42907
- CVE-2026-42908
- CVE-2026-42909
- CVE-2026-42910
- CVE-2026-42911
- CVE-2026-42912
- CVE-2026-42913
- CVE-2026-42914
- CVE-2026-42915
- CVE-2026-42916
- CVE-2026-42968
- CVE-2026-42969
- CVE-2026-42970
- CVE-2026-42971
- CVE-2026-42972
- CVE-2026-42973
- CVE-2026-42974
- CVE-2026-42977
- CVE-2026-42978
- CVE-2026-42979
- CVE-2026-42980
- CVE-2026-42981
- CVE-2026-42983
- CVE-2026-42984
- CVE-2026-42985
- CVE-2026-42986
- CVE-2026-42987
- CVE-2026-42989
- CVE-2026-42991
- CVE-2026-42992
- CVE-2026-42993
- CVE-2026-44799
- CVE-2026-44801
- CVE-2026-44802
- CVE-2026-44803
- CVE-2026-44804
- CVE-2026-44805
- CVE-2026-44807
- CVE-2026-44808
- CVE-2026-44809
- CVE-2026-44810
- CVE-2026-44811
- CVE-2026-44812
- CVE-2026-44813
- CVE-2026-44814
- CVE-2026-44815
- CVE-2026-45487
- CVE-2026-45586
- CVE-2026-45588
- CVE-2026-45592
- CVE-2026-45593
- CVE-2026-45594
- CVE-2026-45595
- CVE-2026-45596
- CVE-2026-45597
- CVE-2026-45598
- CVE-2026-45599
- CVE-2026-45600
- CVE-2026-45601
- CVE-2026-45602
- CVE-2026-45603
- CVE-2026-45604
- CVE-2026-45605
- CVE-2026-45606
- CVE-2026-45607
- CVE-2026-45608
- CVE-2026-45634
- CVE-2026-45635
- CVE-2026-45636
- CVE-2026-45637
- CVE-2026-45638
- CVE-2026-45639
- CVE-2026-45640
- CVE-2026-45641
- CVE-2026-45642
- CVE-2026-45648
- CVE-2026-45653
- CVE-2026-45654
- CVE-2026-45655
- CVE-2026-45656
- CVE-2026-45657
- CVE-2026-45658
- CVE-2026-47288
- CVE-2026-47289
- CVE-2026-47291
- CVE-2026-47648
- CVE-2026-47652
- CVE-2026-47653
- CVE-2026-47654
- CVE-2026-47656
- CVE-2026-48563
- CVE-2026-48565
- CVE-2026-48566
- CVE-2026-48568
- CVE-2026-48570
- CVE-2026-48573
- CVE-2026-48574
- CVE-2026-48575
- CVE-2026-48576
- CVE-2026-48578
- CVE-2026-48583
- CVE-2026-49160
- CVE-2026-50507
- CVE-2026-50508
- CVE-2026-8863
Explotación
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Productos relacionados
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-10
- Microsoft-Windows-Server-2016
- Microsoft-Windows-Server-2019
- Microsoft-Windows-11
- Microsoft-Remote-Desktop
- Microsoft-Windows-Server-2022
- Microsoft-Windows-Server-2025
Lista CVE
- CVE-2025-10263 critical
- CVE-2026-33828 critical
- CVE-2026-34335 high
- CVE-2026-40404 critical
- CVE-2026-40409 critical
- CVE-2026-41092 critical
- CVE-2026-41108 high
- CVE-2026-42828 critical
- CVE-2026-42829 critical
- CVE-2026-42836 high
- CVE-2026-42837 critical
- CVE-2026-42903 high
- CVE-2026-42904 critical
- CVE-2026-42905 critical
- CVE-2026-42906 high
- CVE-2026-42907 high
- CVE-2026-42908 critical
- CVE-2026-42909 critical
- CVE-2026-42910 critical
- CVE-2026-42911 high
- CVE-2026-42912 high
- CVE-2026-42913 critical
- CVE-2026-42914 high
- CVE-2026-42915 high
- CVE-2026-42916 critical
- CVE-2026-42968 high
- CVE-2026-42969 high
- CVE-2026-42970 high
- CVE-2026-42971 high
- CVE-2026-42972 high
- CVE-2026-42973 high
- CVE-2026-42974 critical
- CVE-2026-42977 critical
- CVE-2026-42978 critical
- CVE-2026-42979 critical
- CVE-2026-42980 critical
- CVE-2026-42981 critical
- CVE-2026-42983 critical
- CVE-2026-42984 high
- CVE-2026-42985 critical
- CVE-2026-42986 critical
- CVE-2026-42987 critical
- CVE-2026-42989 critical
- CVE-2026-42991 critical
- CVE-2026-42992 critical
- CVE-2026-42993 critical
- CVE-2026-44799 critical
- CVE-2026-44801 critical
- CVE-2026-44802 critical
- CVE-2026-44803 critical
- CVE-2026-44804 critical
- CVE-2026-44805 high
- CVE-2026-44807 critical
- CVE-2026-44808 critical
- CVE-2026-44809 critical
- CVE-2026-44810 critical
- CVE-2026-44811 critical
- CVE-2026-44812 critical
- CVE-2026-44813 critical
- CVE-2026-44814 high
- CVE-2026-44815 critical
- CVE-2026-45487 high
- CVE-2026-45586 critical
- CVE-2026-45588 critical
- CVE-2026-45592 critical
- CVE-2026-45593 critical
- CVE-2026-45594 high
- CVE-2026-45595 high
- CVE-2026-45596 high
- CVE-2026-45597 high
- CVE-2026-45598 high
- CVE-2026-45599 critical
- CVE-2026-45600 critical
- CVE-2026-45601 high
- CVE-2026-45602 critical
- CVE-2026-45603 high
- CVE-2026-45604 high
- CVE-2026-45605 critical
- CVE-2026-45606 high
- CVE-2026-45607 critical
- CVE-2026-45608 high
- CVE-2026-45634 high
- CVE-2026-45635 critical
- CVE-2026-45636 critical
- CVE-2026-45637 critical
- CVE-2026-45638 critical
- CVE-2026-45639 critical
- CVE-2026-45640 high
- CVE-2026-45641 critical
- CVE-2026-45642 warning
- CVE-2026-45648 critical
- CVE-2026-45653 high
- CVE-2026-45654 critical
- CVE-2026-45655 high
- CVE-2026-45656 critical
- CVE-2026-45657 critical
- CVE-2026-45658 high
- CVE-2026-47288 high
- CVE-2026-47289 critical
- CVE-2026-47291 critical
- CVE-2026-47648 high
- CVE-2026-47652 critical
- CVE-2026-47653 critical
- CVE-2026-47654 critical
- CVE-2026-47656 critical
- CVE-2026-48563 critical
- CVE-2026-48565 critical
- CVE-2026-48566 high
- CVE-2026-48568 critical
- CVE-2026-48570 critical
- CVE-2026-48573 critical
- CVE-2026-48574 critical
- CVE-2026-48575 critical
- CVE-2026-48576 critical
- CVE-2026-48578 critical
- CVE-2026-48583 critical
- CVE-2026-49160 critical
- CVE-2026-50507 high
- CVE-2026-50508 critical
- CVE-2026-8863 critical
Lista KB
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!