Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-33837
Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-05-12
CVE-2026-33838
Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-05-12
CVE-2026-33117
The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may bypass integrity verification checks. Operations delegated to the Key Vault service are not affected. The issue is addressed in version 4.10.6.
CVSS Score
9.1
EPSS Score
0.0
Published
2026-05-12
CVE-2026-33821
Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network.
CVSS Score
7.7
EPSS Score
0.001
Published
2026-05-12
CVE-2026-33110
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.019
Published
2026-05-12
CVE-2026-33112
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.019
Published
2026-05-12
CVE-2026-32209
Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.
CVSS Score
4.4
EPSS Score
0.0
Published
2026-05-12
CVE-2026-32185
Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.
CVSS Score
5.5
EPSS Score
0.001
Published
2026-05-12
CVE-2026-32170
Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.001
Published
2026-05-12
CVE-2026-32161
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent network.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-05-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved