Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Windows Server 2012  Security Vulnerabilities
CVE-2026-32212
Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2026-04-14
CVE-2026-32183
Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-04-14
CVE-2026-32156
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.
CVSS Score
7.4
EPSS Score
0.001
Published
2026-04-14
CVE-2026-32150
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14
CVE-2026-32151
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.
CVSS Score
6.5
EPSS Score
0.001
Published
2026-04-14
CVE-2026-32093
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.001
Published
2026-04-14
CVE-2026-32086
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14
CVE-2026-32087
Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14
CVE-2026-32082
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14
CVE-2026-32083
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved