Security Vulnerabilities
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-14
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-04-14
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.
CVSS Score
6.2
EPSS Score
0.001
Published
2026-04-14
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-04-14
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-04-14
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
8.7
EPSS Score
0.002
Published
2026-04-14
Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-04-14