Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-47293 |
|
Use-After-Free in microsoft (CVE-2026-47293)
vulnerability in microsoft (CVE-2026-47293). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42832 |
|
Vulnerability in microsoft (CVE-2026-42832)
vulnerability in microsoft (CVE-2026-42832). Confidential information can be exposed externally.
|
| CVE-2026-42831 |
|
Vulnerability in microsoft (CVE-2026-42831)
vulnerability in microsoft (CVE-2026-42831). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40418 |
|
Use-After-Free in microsoft (CVE-2026-40418)
vulnerability in microsoft (CVE-2026-40418). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40419 |
|
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
|
| CVE-2026-40420 |
|
Vulnerability in microsoft (CVE-2026-40420)
vulnerability in microsoft (CVE-2026-40420). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40421 |
|
Vulnerability in microsoft (CVE-2026-40421)
vulnerability in microsoft (CVE-2026-40421). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40367 |
|
Vulnerability in microsoft (CVE-2026-40367)
vulnerability in microsoft (CVE-2026-40367). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40360 |
|
Out-of-Bounds Read in microsoft (CVE-2026-40360)
vulnerability in microsoft (CVE-2026-40360). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40366 |
|
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
|
| CVE-2026-35440 |
|
Vulnerability in microsoft (CVE-2026-35440)
vulnerability in microsoft (CVE-2026-35440). Confidential information can be exposed externally.
|
| CVE-2026-40362 |
|
Vulnerability in microsoft (CVE-2026-40362)
vulnerability in microsoft (CVE-2026-40362). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40363 |
|
Vulnerability in microsoft (CVE-2026-40363)
vulnerability in microsoft (CVE-2026-40363). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40364 |
|
Vulnerability in microsoft (CVE-2026-40364)
vulnerability in microsoft (CVE-2026-40364). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40359 |
|
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
|
| CVE-2026-40358 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2026-40361 |
|
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
|
| CVE-2026-35436 |
|
Vulnerability in microsoft (CVE-2026-35436)
vulnerability in microsoft (CVE-2026-35436). Successful exploitation can lead to full system takeover.
|
| CVE-2009-0238 KEV |
|
[KEV] Code Injection in Microsoft office (CVE-2009-0238)
code injection in Microsoft office (CVE-2009-0238). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-26134 |
|
Vulnerability in microsoft (CVE-2026-26134)
vulnerability in microsoft (CVE-2026-26134). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26110 |
|
Vulnerability in microsoft (CVE-2026-26110)
vulnerability in microsoft (CVE-2026-26110). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25180 |
|
Out-of-Bounds Read in microsoft (CVE-2026-25180)
vulnerability in microsoft (CVE-2026-25180). Confidential information can be exposed externally.
|
| CVE-2026-24285 |
|
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
|
| CVE-2026-21514 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2026-21514)
vulnerability in Microsoft office (CVE-2026-21514). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21509 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2026-21509)
vulnerability in Microsoft office (CVE-2026-21509). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2009-0556 KEV |
|
[KEV] Code Injection in Microsoft office (CVE-2009-0556)
code injection in Microsoft office (CVE-2009-0556). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-62557 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-62554 |
|
Vulnerability in microsoft (CVE-2025-62554)
vulnerability in microsoft (CVE-2025-62554). Successful exploitation can lead to full system takeover.
|
| CVE-2025-62199 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-60724 |
|
Vulnerability in microsoft (CVE-2025-60724)
vulnerability in microsoft (CVE-2025-60724). Successful exploitation can lead to full system takeover.
|
| CVE-2025-59234 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-59227 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-53799 |
|
Vulnerability in microsoft (CVE-2025-53799)
vulnerability in microsoft (CVE-2025-53799). Confidential information can be exposed externally.
|
| CVE-2025-53766 |
|
Vulnerability in microsoft (CVE-2025-53766)
vulnerability in microsoft (CVE-2025-53766). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53732 |
|
Vulnerability in microsoft (CVE-2025-53732)
vulnerability in microsoft (CVE-2025-53732). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49702 |
|
Vulnerability in microsoft (CVE-2025-49702)
vulnerability in microsoft (CVE-2025-49702). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49697 |
|
Vulnerability in microsoft (CVE-2025-49697)
vulnerability in microsoft (CVE-2025-49697). Successful exploitation can lead to full system takeover.
|
| CVE-2025-49695 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-49696 |
|
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-47953 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-47167 |
|
Vulnerability in microsoft (CVE-2025-47167)
vulnerability in microsoft (CVE-2025-47167). Successful exploitation can lead to full system takeover.
|
| CVE-2025-47164 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-47162 |
|
Vulnerability in microsoft (CVE-2025-47162)
vulnerability in microsoft (CVE-2025-47162). Successful exploitation can lead to full system takeover.
|
| CVE-2025-30388 |
|
Vulnerability in microsoft (CVE-2025-30388)
vulnerability in microsoft (CVE-2025-30388). Successful exploitation can lead to full system takeover.
|
| CVE-2025-30386 |
|
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
|
| CVE-2025-26687 |
|
Use-After-Free in microsoft (CVE-2025-26687)
vulnerability in microsoft (CVE-2025-26687). Successful exploitation can lead to full system takeover.
|
| CVE-2025-21402 |
|
Microsoft Office OneNote Remote Code Execution Vulnerability
Microsoft Office OneNote Remote Code Execution Vulnerability
|
| CVE-2025-21361 |
|
Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
|
| CVE-2025-21338 |
|
GDI+ Remote Code Execution Vulnerability
GDI+ Remote Code Execution Vulnerability
|
| CVE-2024-30104 |
|
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
|