Анализ обновлений Microsoft Patch Tuesday – Июль 2026
Краткое Резюме
Во вторник, 14.07.2026, Microsoft выпустила ежемесячный патч безопасности, устраняющий 622 уязвимости в своих продуктах.
По уровню опасности:
- Critical - 62;
- Moderate - 6;
- Important - 553;
- Low - 1.
Эксплуатируемые (Zero-Days) и Публично Раскрытые Уязвимости
Особое внимание следует уделить на следующие 3 уязвимости. Их исправление является наивысшим приоритетом:
- CVE-2026-56155 (CVSS 7.8; Important) - Active Directory Federation Services Elevation of Privilege Vulnerability (Elevation of Privilege). Уязвимость вызвана недостаточной детализацией контроля доступа (CWE-1220) в службах федерации Active Directory (AD FS). Авторизованный злоумышленник с низкими правами в системе может использовать этот недостаток для локального обхода ограничений доступа и повышения своих привилегий до уровня администратора.
- CVE-2026-56164 (CVSS 5.3; Moderate) - Microsoft SharePoint Server Elevation of Privilege Vulnerability (Elevation of Privilege). Уязвимость вызвана отсутствием проверки подлинности для критически важных функций (CWE-306) в Microsoft SharePoint Server. Удаленный неавторизованный злоумышленник может эксплуатировать ошибку по сети с низким уровнем сложности и без какого-либо взаимодействия с пользователем, что позволяет повысить привилегии в системе. Для защиты и обнаружения потенциальных атак рекомендуется активировать интеграцию с AMSI (Antimalware Scan Interface) и настроить полное сканирование тела POST-запросов для рабочих процессов IIS.
- CVE-2026-50661 (CVSS 6.1; Important) - Windows BitLocker Security Feature Bypass Vulnerability (Security Feature Bypass). Уязвимость связана со сбоем в механизме защиты Windows BitLocker (CWE-693). Злоумышленник, имеющий непосредственный физический доступ к целевому устройству, может использовать эту уязвимость для обхода функции шифрования дисков BitLocker Device Encryption, что позволяет получить несанкционированный доступ к защищенным и зашифрованным данным на накопителе системы.
Общие тенденции
Июльский Patch Tuesday 2026 года стал беспрецедентным событием в истории обновлений Microsoft. Компания выпустила исправления для рекордных 622 уязвимостей, среди которых 62 имеют статус «Critical». Такой колоссальный объем (фактически заменяющий три-четыре стандартных ежемесячных пакета) создает экстремальную нагрузку на службы системного администрирования и кибербезопасности. Ключевые тенденции этого сверхмасштабного релиза:
- Выпуск более 600 патчей за один раз указывает либо на обнаружение крупной системной проблемы в базовых библиотеках Windows, либо на накопление результатов длительных аудитов безопасности. В любом случае, это требует от организаций изменения подходов к приоритизации обновлений.
- Активные атаки на службы идентификации и совместной работы: Особое внимание необходимо обратить на две уязвимости, которые уже активно эксплуатируются злоумышленниками (Zero-Days). Первая — CVE-2026-56155 в AD FS (Active Directory Federation Services). Компрометация единой точки входа (SSO) позволяет атакующим получить доступ к десяткам связанных корпоративных сервисов. Вторая — очередная брешь в SharePoint Server (CVE-2026-56164), требующая для защиты не только патча, но и глубокой настройки сканирования POST-запросов через AMSI.
- Удар по облачным ИИ-платформам и виртуализации: Microsoft закрыла критические уязвимости повышения привилегий (CVSS 9.9) в Azure OpenAI (CVE-2026-45499) и службе каталогов Microsoft Entra (CVE-2026-57100). Также исправлена опасная брешь в виртуальном коммутаторе VMSwitch (CVE-2026-57092), потенциально позволяющая осуществить побег из виртуальной машины на хост-систему (Hyper-V escape).
- Инфраструктурные RCE-угрозы: Сектор сетевых служб продолжает оставаться крайне уязвимым. Исправлены критические RCE-ошибки (CVSS 9.8) в DHCP Server, FTP Service, драйвере сетевой карты Windows Server, а также в SQL Server и RDP.
- Физическая безопасность под вопросом: Публично раскрытая уязвимость обхода BitLocker (CVE-2026-50661) продолжает серию весенне-летних раскрытий методов обхода шифрования дисков. Это критично для защиты информации на мобильных устройствах сотрудников в случае их утери.
Полный Список Уязвимостей
Ниже представлена таблица со всеми уязвимостями, исправленными в этом месяце.
| CVE | Title | Type | CVSS | Severity | Эксплуатируется | Публично Раскрыта |
|---|---|---|---|---|---|---|
| CVE-2026-56155 | Active Directory Federation Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Да | Нет |
| CVE-2026-50661 | Windows BitLocker Security Feature Bypass Vulnerability | Security Feature Bypass | 6.1 | Important | Нет | Да |
| CVE-2026-56164 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Elevation of Privilege | 5.3 | Moderate | Да | Нет |
| CVE-2026-45499 | Azure OpenAI Elevation of Privilege Vulnerability | Elevation of Privilege | 9.9 | Critical | Нет | Нет |
| CVE-2026-57100 | Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability | Elevation of Privilege | 9.9 | Critical | Нет | Нет |
| CVE-2026-57092 | Microsoft Windows VMSwitch Elevation of Privilege Vulnerability | Elevation of Privilege | 9.9 | Critical | Нет | Нет |
| CVE-2026-42990 | SQL Server ODBC driver Elevation of Privilege Vulnerability | Remote Code Execution | 9.8 | Important | Нет | Нет |
| CVE-2026-49172 | Windows FTP Service Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Important | Нет | Нет |
| CVE-2026-54990 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Important | Нет | Нет |
| CVE-2026-50522 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | Нет | Нет |
| CVE-2026-58644 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | Нет | Нет |
| CVE-2026-50447 | Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Important | Нет | Нет |
| CVE-2026-50518 | Windows DHCP Server Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | Нет | Нет |
| CVE-2026-55010 | Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | Нет | Нет |
| CVE-2026-55944 | Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | Нет | Нет |
| CVE-2026-56159 | DHCP Server Service Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | Нет | Нет |
| CVE-2026-56190 | Remote Desktop Protocol Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Important | Нет | Нет |
| CVE-2026-56188 | Windows Server Network driver Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | Нет | Нет |
| CVE-2026-48561 | Microsoft Copilot Remote Code Execution Vulnerability | Remote Code Execution | 9.6 | Critical | Нет | Нет |
| CVE-2026-50380 | Windows GDI+ Remote Code Execution Vulnerability | Remote Code Execution | 9.6 | Critical | Нет | Нет |
| CVE-2026-55008 | Microsoft Exchange Server Spoofing Vulnerability | Spoofing | 9.6 | Critical | Нет | Нет |
| CVE-2026-41106 | Microsoft 365 Copilot Elevation of Privilege Vulnerability | Elevation of Privilege | 9.3 | Critical | Нет | Нет |
| CVE-2026-49798 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 9.3 | Important | Нет | Нет |
| CVE-2026-55040 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Security Feature Bypass | 9.1 | Critical | Нет | Нет |
| CVE-2026-58289 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 9.0 | Important | Нет | Нет |
| CVE-2026-54998 | Microsoft Exchange Online Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Critical | Нет | Нет |
| CVE-2026-47303 | ASP.NET Core Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50663 | Game: Age of Empires II: Definitive Edition Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-54107 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-54982 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-54999 | Windows TCP/IP Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-54117 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-54118 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-57969 | Azure CycleCloud Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-57981 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-56645 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-58608 | Windows Print Spooler Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-47632 | Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-48564 | DHCP Server Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-49178 | Windows Active Directory Domain Services Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-49795 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50342 | Windows MIDI Service Module Elevation of Privileges Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50360 | Windows SMB Server Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50370 | DHCP Server Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-50398 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50382 | DirectX Graphics Kernel Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-50369 | Windows Remote Desktop Services Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50385 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50413 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50438 | Microsoft PC Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50474 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-50444 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Critical | Нет | Нет |
| CVE-2026-50477 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50489 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-47295 | Microsoft SQL Server Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50666 | Windows Remote Access Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50670 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-54121 | Active Directory Certificate Services Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Critical | Нет | Нет |
| CVE-2026-50687 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-50692 | Desktop Window Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-55052 | Microsoft SharePoint Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-41109 | GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass | 8.8 | Important | Нет | Нет |
| CVE-2026-56196 | Windows Admin Center (WAC) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-56197 | Windows Admin Center (WAC) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-56642 | Microsoft Fabric Data Warehouse Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-56194 | Windows NFS Server Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-56647 | Windows Remote Access Service Infrastructure Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-57090 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-57094 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-57087 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | Нет | Нет |
| CVE-2026-57102 | Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass | 8.8 | Important | Нет | Нет |
| CVE-2026-57974 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-58277 | Microsoft SharePoint Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-58534 | Windows Input Method Editor (IME) Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-58594 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-58626 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-55005 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Нет | Нет |
| CVE-2026-47300 | ASP.NET Core Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-47301 | Configuration Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | Нет | Нет |
| CVE-2026-57983 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Security Feature Bypass | 8.7 | Important | Нет | Нет |
| CVE-2026-50340 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 8.5 | Important | Нет | Нет |
| CVE-2026-54992 | Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | Нет | Нет |
| CVE-2026-54122 | Windows GDI+ Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Important | Нет | Нет |
| CVE-2026-50520 | Visual Studio Code Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Important | Нет | Нет |
| CVE-2026-49184 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Important | Нет | Нет |
| CVE-2026-54128 | Windows DHCP Client Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | Нет | Нет |
| CVE-2026-55045 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | Нет | Нет |
| CVE-2026-58281 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | Нет | Нет |
| CVE-2026-58284 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | Нет | Нет |
| CVE-2026-58285 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | Нет | Нет |
| CVE-2026-58287 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | Нет | Нет |
| CVE-2026-58288 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | Нет | Нет |
| CVE-2026-58295 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Security Feature Bypass | 8.3 | Important | Нет | Нет |
| CVE-2026-58596 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Elevation of Privilege | 8.3 | Important | Нет | Нет |
| CVE-2026-56181 | Windows Network Address Translation (NAT) Spoofing Vulnerability | Spoofing | 8.3 | Moderate | Нет | Нет |
| CVE-2026-50338 | Azure Spring Apps Elevation of Privilege Vulnerability | Elevation of Privilege | 8.2 | Important | Нет | Нет |
| CVE-2026-50429 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 8.2 | Important | Нет | Нет |
| CVE-2026-50528 | .NET Security Feature Bypass Vulnerability | Security Feature Bypass | 8.2 | Important | Нет | Нет |
| CVE-2026-50680 | Windows Hyper-V Elevation of Privilege Vulnerability | Elevation of Privilege | 8.2 | Critical | Нет | Нет |
| CVE-2026-58525 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Security Feature Bypass | 8.2 | Important | Нет | Нет |
| CVE-2026-42900 | Microsoft Windows App Store Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | Нет | Нет |
| CVE-2026-49164 | Windows Active Directory Domain Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | Нет | Нет |
| CVE-2026-54995 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | Нет | Нет |
| CVE-2026-56169 | Windows Admin Center Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | Нет | Нет |
| CVE-2026-50694 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | Нет | Нет |
| CVE-2026-58595 | Microsoft Bing App for IOS Spoofing Vulnerability | Spoofing | 8.1 | Important | Нет | Нет |
| CVE-2026-47304 | .NET Security Feature Bypass Vulnerability | Security Feature Bypass | 8.1 | Important | Нет | Нет |
| CVE-2026-50460 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | Нет | Нет |
| CVE-2026-50439 | Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Important | Нет | Нет |
| CVE-2026-50487 | Windows DNS Client Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | Нет | Нет |
| CVE-2026-50686 | Windows OLE Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Important | Нет | Нет |
| CVE-2026-56186 | Windows Secure Channel Information Disclosure Vulnerability | Information Disclosure | 8.1 | Important | Нет | Нет |
| CVE-2026-58282 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 8.1 | Important | Нет | Нет |
| CVE-2026-58283 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 8.1 | Important | Нет | Нет |
| CVE-2026-58286 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 8.1 | Important | Нет | Нет |
| CVE-2026-58293 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Important | Нет | Нет |
| CVE-2026-58617 | M365 Copilot for iOS Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | Нет | Нет |
| CVE-2026-42975 | Windows Bluetooth Port Driver Remote Code Execution | Remote Code Execution | 8.0 | Important | Нет | Нет |
| CVE-2026-49169 | Windows DNS Server Remote Code Execution Vulnerability | Remote Code Execution | 8.0 | Important | Нет | Нет |
| CVE-2026-58647 | Microsoft PowerBI Report Server Spoofing Vulnerability | Spoofing | 8.0 | Important | Нет | Нет |
| CVE-2026-40400 | Windows PowerShell Remote Code Execution Vulnerability | Remote Code Execution | 8.0 | Important | Нет | Нет |
| CVE-2026-50365 | Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability | Elevation of Privilege | 8.0 | Important | Нет | Нет |
| CVE-2026-50502 | Windows Event Logging Service Remote Code Execution Vulnerability | Remote Code Execution | 8.0 | Important | Нет | Нет |
| CVE-2026-50683 | Windows DHCP Client Elevation of Privilege Vulnerability | Elevation of Privilege | 8.0 | Important | Нет | Нет |
| CVE-2026-42982 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Critical | Нет | Нет |
| CVE-2026-47296 | Microsoft SQL Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-49166 | Windows Print Configuration Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-49170 | Windows StateRepository API Server file Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-49176 | Windows WalletService Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-49175 | Windows DNS Client Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-49173 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54987 | Windows Overlay Filter Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50697 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54991 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54986 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54993 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55001 | Active Directory Domain Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54112 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-55004 | Windows Print Configuration Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54109 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-54114 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-55011 | Microsoft Defender Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55012 | Microsoft Defender Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55002 | Microsoft SQL Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50675 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55899 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55948 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-57107 | Windows Admin Center Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-55014 | Windows Remote Help Defense Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58601 | Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege Vulernability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58602 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58609 | Windows Graphics Component Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-58610 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-58618 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-58631 | Windows Admin Center (WAC) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-58635 | Windows Narrator Braille Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58636 | Microsoft PC Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-44800 | Windows Push Notifications Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-48581 | Surface Broker SDMA Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-49783 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass | 7.8 | Important | Нет | Нет |
| CVE-2026-49792 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-49793 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-49796 | Windows GDI+ Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-49797 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-49800 | Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50308 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50311 | Windows Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50333 | Windows Spaceport.sys Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50318 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50351 | Windows Audio Compression Manager (ACM) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-49808 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50293 | Windows Internal Task Bar Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50332 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50305 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50329 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50363 | Windows Push Notifications Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50306 | Windows TCP/IP Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50412 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50337 | Windows Notification Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50386 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50400 | Windows App Package Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50309 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50326 | Windows Unified Consent System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50313 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50440 | Windows Audio Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50327 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-50407 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50331 | Windows Application Model Core API Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50343 | Microsoft Install Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50347 | Windows Data.dll Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50321 | Windows USB Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50425 | Windows Internal System User Profile Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50315 | Windows Image Acquisition Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50357 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50335 | Windows Operating Systems Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50361 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50317 | Windows Operating Systems Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50373 | Windows Search Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50353 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50388 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50336 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50433 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50391 | Windows Group Policy Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50423 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50378 | Windows Key Guard Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50346 | Netlogon RPC Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50405 | Windows Filtering Platform Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50448 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50387 | Windows GDI Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50344 | Windows OLE Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50436 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50471 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50469 | Windows Projected File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50454 | Windows User Interface Core Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50427 | Content Delivery Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50422 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50421 | Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50367 | Windows Sensor Data Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50466 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50402 | NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50435 | Windows Overlay Filter Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50441 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50462 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50457 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50399 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50461 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50417 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50362 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50458 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50476 | Windows Network Connections Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50450 | Windows Network Connections Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50478 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50479 | Windows USB Hub Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50480 | Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50484 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50493 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50486 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50488 | Clipboard User Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50499 | Windows Print Spooler Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50494 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50498 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50501 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50509 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50510 | GitHub Copilot Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50646 | .NET Framework Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50649 | .NET Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50650 | .NET Framework Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50655 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-50667 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50673 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50676 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50677 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54115 | Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50679 | Windows Search Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50688 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-50689 | Windows Clipboard Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54125 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-47290 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-47642 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50301 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-50314 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-50467 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55017 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55024 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55018 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55022 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55025 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55125 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55031 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55048 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55029 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55039 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55049 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55032 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55033 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55041 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55127 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55136 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55141 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55129 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55036 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55044 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55055 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55037 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55058 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55038 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55132 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55137 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55053 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55131 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55134 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55056 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55140 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55128 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55130 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55043 | Microsoft PowerPoint Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55133 | Microsoft OneNote Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55123 | Microsoft PowerPoint Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-55120 | Microsoft PowerPoint Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-54131 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55947 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-55949 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-56156 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-56176 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-56175 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-56182 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-56189 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-50665 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 7.8 | Important | Нет | Нет |
| CVE-2026-56643 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-56644 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-54124 | Windows Terminal Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-56650 | Windows Network File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-57091 | Windows File History Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-57088 | Extensible Storage Engine (ESENT) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-57096 | Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-57968 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58527 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58530 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-58538 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58540 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58532 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58537 | Microsoft NAT Helper Components (ipnathlp.dll) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58536 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58542 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | Нет | Нет |
| CVE-2026-58541 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-47305 | Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | Нет | Нет |
| CVE-2026-58613 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58628 | Windows Wireless Network Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58632 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58633 | Desktop Window Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-58634 | Desktop Window Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-55006 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-55009 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Нет | Нет |
| CVE-2026-57985 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.6 | Important | Нет | Нет |
| CVE-2026-49171 | Windows Speech Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | Нет | Нет |
| CVE-2026-50506 | OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-54983 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50695 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50696 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-54119 | Windows Active Directory Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50524 | .NET Framework Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-56170 | ASP.NET Core Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-57984 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-57986 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-57992 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-58276 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-50652 | Azure Active Directory Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50653 | Azure Active Directory Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-40378 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-45646 | OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-49181 | Windows DHCP Client Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | Нет | Нет |
| CVE-2026-49787 | HTTP.sys Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-49788 | HTTP/2 Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50304 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50328 | Windows Server Update Service (WSUS) Tampering Vulnerability | Tampering | 7.5 | Important | Нет | Нет |
| CVE-2026-50368 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50330 | Windows Remote Desktop Client Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | Нет | Нет |
| CVE-2026-50355 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50414 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | Нет | Нет |
| CVE-2026-50379 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | Нет | Нет |
| CVE-2026-50463 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 7.5 | Important | Нет | Нет |
| CVE-2026-50411 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50424 | Windows Domain Controller Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50470 | Windows Network Policy Server SNMP Information Disclosure Vulnerability | Information Disclosure | 7.5 | Important | Нет | Нет |
| CVE-2026-50500 | Windows Netlogon Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | Нет | Нет |
| CVE-2026-50505 | Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-50496 | Windows Network Policy Server SNMP Information Disclosure Vulnerability | Information Disclosure | 7.5 | Important | Нет | Нет |
| CVE-2026-50525 | .NET Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50527 | .NET Framework Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50647 | Active Directory Federation Server Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50648 | .NET Framework Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50651 | .NET Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-50685 | Windows DHCP Server Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-56648 | Windows NFS Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | Нет | Нет |
| CVE-2026-57089 | Windows SMB Server Network Transport Driver (srvnet.sys) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-57108 | .NET Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-57975 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-58290 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-58292 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-58294 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-58299 | Microsoft Edge for Android Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | Нет | Нет |
| CVE-2026-58531 | Windows SMB Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | Нет | Нет |
| CVE-2026-58627 | Windows DHCP Server Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-47302 | .NET Denial of Service Vulnerability | Denial of Service | 7.5 | Important | Нет | Нет |
| CVE-2026-54127 | Windows Hyper-V Elevation of Privilege Vulnerability | Elevation of Privilege | 7.4 | Critical | Нет | Нет |
| CVE-2026-57991 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | Information Disclosure | 7.4 | Important | Нет | Нет |
| CVE-2026-57993 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 7.4 | Important | Нет | Нет |
| CVE-2026-58640 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.3 | Important | Нет | Нет |
| CVE-2026-49789 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | Нет | Нет |
| CVE-2026-49790 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | Нет | Нет |
| CVE-2026-50364 | Windows Backup Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | Нет | Нет |
| CVE-2026-50482 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.3 | Important | Нет | Нет |
| CVE-2026-55021 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 7.3 | Important | Нет | Нет |
| CVE-2026-55034 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 7.3 | Important | Нет | Нет |
| CVE-2026-55126 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 7.3 | Important | Нет | Нет |
| CVE-2026-58298 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 7.2 | Important | Нет | Нет |
| CVE-2026-49165 | Microsoft Windows App Store Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | Нет | Нет |
| CVE-2026-55144 | Windows Cryptography API: Next Generation (CNG) Tampering Vulnerability | Tampering | 7.1 | Important | Нет | Нет |
| CVE-2026-56193 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | Нет | Нет |
| CVE-2026-57988 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.1 | Important | Нет | Нет |
| CVE-2026-49791 | Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.1 | Important | Нет | Нет |
| CVE-2026-50354 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.1 | Important | Нет | Нет |
| CVE-2026-50428 | Windows Container Isolation FS Filter Driver (unionfs.sys) Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | Нет | Нет |
| CVE-2026-50451 | Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.1 | Important | Нет | Нет |
| CVE-2026-50465 | Windows DNS Client Tampering Vulnerability | Tampering | 7.1 | Important | Нет | Нет |
| CVE-2026-50682 | Active Directory Denial of Service Vulnerability | Denial of Service | 7.1 | Important | Нет | Нет |
| CVE-2026-55122 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | Нет | Нет |
| CVE-2026-57101 | Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass | 7.1 | Important | Нет | Нет |
| CVE-2026-57977 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 7.1 | Important | Нет | Нет |
| CVE-2026-58296 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | Нет | Нет |
| CVE-2026-58297 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | Нет | Нет |
| CVE-2026-58529 | Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | Нет | Нет |
| CVE-2026-48572 | Windows App Package Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-48571 | Windows App Package Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-49162 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-49784 | Microsoft Windows App Store Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-54129 | Windows Hyper-V Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-54989 | Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-54111 | Universal Print Management Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-54996 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-58526 | Windows Storage Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-49183 | Windows Clipboard Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-49802 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-49806 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-49805 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-49803 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50323 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50296 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50297 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50325 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50356 | Microsoft Windows App Store Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50384 | Windows Clip Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50372 | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50392 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Critical | Нет | Нет |
| CVE-2026-50393 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50307 | Windows TCP/IP Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50396 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50390 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50452 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50348 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50345 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50322 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50404 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50358 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50410 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50449 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50371 | Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50403 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50397 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50406 | Windows Backup Engine Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50459 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50490 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50491 | Code Integrity DLL (ci.dll) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50503 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50526 | .NET Tampering Vulnerability | Tampering | 7.0 | Important | Нет | Нет |
| CVE-2026-50658 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50669 | Windows Telephony Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50672 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50674 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-50359 | Microsoft XML Core Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-56173 | Windows WebView Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-56183 | Windows MIDI Service Module Elevation of Privileges Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-56187 | Windows MIDI Service Module Elevation of Privileges Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-57093 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-58544 | Windows Management Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-58619 | Windows Sensor Data Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-58629 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-58637 | Windows Client-Side Caching Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | Нет | Нет |
| CVE-2026-49168 | Storage Spaces Direct Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | Нет | Нет |
| CVE-2026-54132 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | Нет | Нет |
| CVE-2026-50299 | Windows Storage Spaces Direct Remote Code Execution Vulnerability | Remote Code Execution | 6.8 | Important | Нет | Нет |
| CVE-2026-50298 | Windows Spaceport.sys Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | Нет | Нет |
| CVE-2026-50426 | Windows DNS Server Remote Code Execution Vulnerability | Remote Code Execution | 6.8 | Important | Нет | Нет |
| CVE-2026-50492 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 6.8 | Important | Нет | Нет |
| CVE-2026-50668 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | Нет | Нет |
| CVE-2026-58522 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | 6.8 | Important | Нет | Нет |
| CVE-2026-58528 | Windows USB Audio Class Driver Information Disclosure Vulnerability | Information Disclosure | 6.8 | Important | Нет | Нет |
| CVE-2026-50678 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 6.6 | Important | Нет | Нет |
| CVE-2026-49804 | Windows USB Video Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 6.6 | Important | Нет | Нет |
| CVE-2026-45489 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 6.5 | Moderate | Нет | Нет |
| CVE-2026-47282 | GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-55003 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-54108 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 6.5 | Important | Нет | Нет |
| CVE-2026-56185 | Windows Admin Center Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-57976 | Windows Active Directory Domain Services Denial of Service Vulnerability | Denial of Service | 6.5 | Important | Нет | Нет |
| CVE-2026-57979 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-57987 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 6.5 | Important | Нет | Нет |
| CVE-2026-58279 | Azure CycleCloud Elevation of Privilege Vulnerability | Elevation of Privilege | 6.5 | Important | Нет | Нет |
| CVE-2026-56646 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 6.5 | Important | Нет | Нет |
| CVE-2026-34348 | Windows Event Logging Service Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-49799 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Denial of Service | 6.5 | Important | Нет | Нет |
| CVE-2026-50366 | Windows Active Directory Domain Services Denial of Service Vulnerability | Denial of Service | 6.5 | Important | Нет | Нет |
| CVE-2026-50376 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-50445 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-50497 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-50504 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-50659 | .NET Spoofing Vulnerability | Spoofing | 6.5 | Important | Нет | Нет |
| CVE-2026-54126 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-55054 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-55051 | Microsoft SharePoint Server Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-50468 | Microsoft SQL Server Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-54116 | Microsoft SQL Server Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-56168 | Windows SMB Server Denial of Service Vulnerability | Denial of Service | 6.5 | Important | Нет | Нет |
| CVE-2026-57982 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-58523 | Microsoft Edge for Android Security Feature Bypass Vulnerability | Security Feature Bypass | 6.5 | Important | Нет | Нет |
| CVE-2026-58533 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-58535 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-58546 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-58539 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | Нет | Нет |
| CVE-2026-55000 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 6.4 | Important | Нет | Нет |
| CVE-2026-57097 | Microsoft XML Security Feature Bypass Vulnerability | Security Feature Bypass | 6.4 | Important | Нет | Нет |
| CVE-2026-50375 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 6.3 | Important | Нет | Нет |
| CVE-2026-50374 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 6.3 | Important | Нет | Нет |
| CVE-2026-57973 | Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability | Tampering | 6.3 | Important | Нет | Нет |
| CVE-2026-58543 | Universal Print Management Service Elevation of Privilege Vulnerability | Elevation of Privilege | 6.3 | Important | Нет | Нет |
| CVE-2026-55145 | Outlook Copilot Tampering Vulnerability | Tampering | 6.3 | Moderate | Нет | Нет |
| CVE-2026-50294 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | Нет | Нет |
| CVE-2026-49807 | Windows DirectX Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | Нет | Нет |
| CVE-2026-50420 | HTTP.sys Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | Нет | Нет |
| CVE-2026-55026 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | Нет | Нет |
| CVE-2026-57095 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 6.2 | Important | Нет | Нет |
| CVE-2026-58300 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | Нет | Нет |
| CVE-2026-49174 | DNS Client Tampering Vulnerability | Tampering | 6.1 | Important | Нет | Нет |
| CVE-2026-54988 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | Нет | Нет |
| CVE-2026-50383 | Windows Print Spooler Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | Нет | Нет |
| CVE-2026-50453 | Windows USB Audio Class Driver Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | Нет | Нет |
| CVE-2026-50495 | DNS Client Tampering Vulnerability | Tampering | 6.1 | Important | Нет | Нет |
| CVE-2026-55898 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | Нет | Нет |
| CVE-2026-58291 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | Нет | Нет |
| CVE-2026-58638 | Windows Boot Loader Security Feature Bypass Vulnerability | Security Feature Bypass | 6.0 | Important | Нет | Нет |
| CVE-2026-50324 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 5.9 | Important | Нет | Нет |
| CVE-2026-56649 | Windows Network File System Remote Code Execution Vulnerability | Remote Code Execution | 5.9 | Important | Нет | Нет |
| CVE-2026-34349 | Windows Media Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-34346 | Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-49177 | Windows TCP/IP Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-45496 | Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | Нет | Нет |
| CVE-2026-54997 | Windows SMB Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-58614 | Windows Kernel Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | Нет | Нет |
| CVE-2026-33842 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-34328 | Windows Audio Service Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-40422 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-41087 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-49180 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-49801 | Windows SMB Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50316 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50295 | Windows Zero Trust DNS Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | Нет | Нет |
| CVE-2026-50350 | Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50381 | Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50300 | Windows DWM Core Library Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50303 | Windows Key Guard Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | Нет | Нет |
| CVE-2026-50341 | Windows NTFS Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50434 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50339 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50430 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50377 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 5.5 | Important | Нет | Нет |
| CVE-2026-50401 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50334 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50352 | Windows Cryptographic Services Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50437 | Windows DWM Core Library Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50455 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50409 | Windows Overlay Filter Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50473 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50442 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50389 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50456 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50431 | Windows Quality of Service (QoS) Packet Scheduler Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50394 | Windows Media Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50475 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50483 | Windows Graphics Component Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50681 | Windows Secure Channel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50690 | Windows SMB Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-48580 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-50408 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55046 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55023 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55027 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55028 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55047 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55050 | Microsoft Word Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55138 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55124 | Microsoft Word Information Disclosure Vulnerability | Remote Code Execution | 5.5 | Important | Нет | Нет |
| CVE-2026-55035 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55057 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55142 | Microsoft Word Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55042 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-55139 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-56184 | Win32k Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-56192 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-56195 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-56178 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Elevation of Privilege | 5.5 | Important | Нет | Нет |
| CVE-2026-57083 | Windows Media Photo Codec Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-57084 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-57085 | Windows Print Spooler Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-58547 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Elevation of Privilege | 5.5 | Important | Нет | Нет |
| CVE-2026-58545 | Windows Kernel Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | Нет | Нет |
| CVE-2026-55121 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | Нет | Нет |
| CVE-2026-45488 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 5.4 | Moderate | Нет | Нет |
| CVE-2026-58278 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 5.4 | Important | Нет | Нет |
| CVE-2026-56157 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 5.4 | Important | Нет | Нет |
| CVE-2026-58524 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 5.4 | Important | Нет | Нет |
| CVE-2026-44806 | Windows Secure Channel Denial of Service Vulnerability | Denial of Service | 5.3 | Important | Нет | Нет |
| CVE-2026-50432 | Window Virtual Filtering Platform (VFP) Denial of Service Vulnerability | Denial of Service | 5.3 | Important | Нет | Нет |
| CVE-2026-50415 | Windows Media Information Disclosure Vulnerability | Information Disclosure | 5.3 | Important | Нет | Нет |
| CVE-2026-50418 | Windows System Secure Feature Bypass Vulnerability | Security Feature Bypass | 5.1 | Important | Нет | Нет |
| CVE-2026-26145 | Microsoft Azure Synapse Elevation of Privilege Vulnerability | Elevation of Privilege | 4.8 | Critical | Нет | Нет |
| CVE-2026-50684 | Active Directory Federation Server Spoofing Vulnerability | Spoofing | 4.8 | Important | Нет | Нет |
| CVE-2026-49167 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 4.7 | Important | Нет | Нет |
| CVE-2026-50310 | Windows Human Interface Device Information Disclosure Vulnerability | Information Disclosure | 4.7 | Important | Нет | Нет |
| CVE-2026-50312 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege | 4.7 | Important | Нет | Нет |
| CVE-2026-50657 | Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability | Information Disclosure | 4.7 | Important | Нет | Нет |
| CVE-2026-49794 | Windows USB Audio Class Driver Information Disclosure Vulnerability | Information Disclosure | 4.6 | Important | Нет | Нет |
| CVE-2026-55016 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | Нет | Нет |
| CVE-2026-55019 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | Нет | Нет |
| CVE-2026-55020 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | Нет | Нет |
| CVE-2026-55030 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | Нет | Нет |
| CVE-2026-55135 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | Нет | Нет |
| CVE-2026-50485 | Windows Hyper-V Denial of Service Vulnerability | Denial of Service | 4.5 | Important | Нет | Нет |
| CVE-2026-58597 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 4.3 | Low | Нет | Нет |
| CVE-2026-55945 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | Information Disclosure | 4.2 | Moderate | Нет | Нет |
| CVE-2026-50302 | Windows Cryptographic Services Security Feature Bypass Vulnerability | Security Feature Bypass | 4.2 | Important | Нет | Нет |
| CVE-2026-50419 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 3.3 | Important | Нет | Нет |
| CVE-2026-50416 | Win32k Information Disclosure Vulnerability | Information Disclosure | 3.3 | Important | Нет | Нет |
Ретроспективный анализ уязвимостей
CVE-2026-26114 - Microsoft SharePoint Server Remote Code Execution Vulnerability (Remote Code Execution). Уязвимость десериализации недоверенных данных, позволяющая авторизованному злоумышленнику с минимальными правами участника сайта (Site Member) выполнить произвольный код на сервере. Опубликованный PoC демонстрирует эксплуатацию полной цепочки (full-chain): использование SQL-инъекции в компоненте Taxonomy для внедрения специально сформированного объекта в системную таблицу, который затем автоматически десериализуется фоновой службой SharePoint (OWSTIMER). Уязвимость была исправлена в марте 2026 года.
CVE-2026-33829 - Windows Snipping Tool Spoofing Vulnerability (Spoofing). Уязвимость в приложении «Ножницы» (Snipping Tool), позволяющая раскрыть Net-NTLM хэши пользователей. Проблема связана с недостаточной валидацией входных данных в зарегистрированном обработчике URI-схемы ms-screensketch. Злоумышленник может обманом заставить жертву перейти по специально подготовленной ссылке, параметр filePath в которой указывает на внешний SMB-ресурс. При переходе и подтверждении запуска приложения система автоматически пытается загрузить файл по сети, передавая NTLM-хэш пользователя на сервер атакующего. На GitHub опубликован детальный разбор для данной уязвимости. Она была исправлена в апреле 2026 года.
CVE-2026-47291 — HTTP.sys Remote Code Execution Vulnerability (Remote Code Execution). Уязвимость представляет собой целочисленное переполнение, приводящее к переполнению буфера в куче ядра Windows при обработке HTTP-запросов драйвером HTTP.sys. Проблема возникает из-за некорректного приведения типов при увеличении счетчика лимита заголовков, в результате чего под новый массив выделяется буфер недостаточного размера. Неаутентифицированный злоумышленник может направить специально созданный HTTP- или HTTP/2-запрос со множеством заголовков, что вызывает перезапись памяти ядра во время копирования данных и позволяет удаленно выполнить произвольный код с системными привилегиями. На GitHub доступен PoC, демонстрирующий механизм переполнения счетчика при отправке большого количества заголовков. Уязвимость была исправлена в июне 2026 года.
CVE-2026-45504 — Microsoft Exchange Server Elevation of Privilege Vulnerability (Elevation of Privilege). Уязвимость типа Server-Side Request Forgery (SSRF), связанная с некорректной валидацией путей при обработке внешних вложений (Reference Attachments). Авторизованный злоумышленник с низким уровнем привилегий и активным почтовым ящиком может создать сообщение со ссылкой на внешний контролируемый ресурс, который при обращении возвращает XML-ответ с локальным путем (например, к системным файлам). При вызове функции предварительного просмотра вложения в OWA (GetAttachmentPreview) сервер Exchange обрабатывает этот путь и возвращает содержимое локального файла пользователю, что позволяет обойти ограничения доступа и повысить привилегии в системе. На GitHub доступен PoC демонстрирующий данную уязвимость. Уязвимость была исправлена в июне 2026 года.
CVE-2026-42980 — Windows NT OS Kernel Elevation of Privilege Vulnerability (Elevation of Privilege). Уязвимость связана с целочисленным переполнением снизу (Integer Underflow) в подсистеме WMI ядра Windows (ntoskrnl.exe) при вызове функций WmipQueryAllDataMultiple (IOCTL 0x22812C) и WmipQuerySingleMultiple (IOCTL 0x228130). Из-за некорректного вычитания размера данных из беззнакового 32-битного счетчика оставшегося буфера переменная длины принимает критически большое значение. Это позволяет локальному пользователю спровоцировать переполнение буфера в куче ядра, перезаписать смежные структуры именованных каналов (NP_DATA_QUEUE_ENTRY) и повысить свои привилегии до уровня SYSTEM. На GitHub доступно подробное техническое описание и PoC для данной уязвимости. Уязвимость была исправлена в июне 2026 года.
Вывод
Июльский выпуск обновлений — это беспрецедентный вызов для ИТ-инфраструктуры любой организации. Обработать 622 уязвимости за стандартный цикл тестирования практически невозможно, поэтому критически важна приоритизация.
Рекомендуемый план действий на июль:
- Срочное закрытие уязвимостей «нулевого дня» (Zero-Days):
- Немедленно обновите серверы аутентификации AD FS (CVE-2026-56155), чтобы исключить компрометацию учетных записей.
- Установите патчи на серверы SharePoint (CVE-2026-56164) и настройте интеграцию с AMSI для инспекции входящего веб-трафика.
- Защита облачных систем и виртуализации: Обновите гипервизоры Hyper-V (для закрытия бреши в VMSwitch) и синхронизируйте политики безопасности для облачных платформ Entra и Azure OpenAI.
- Защита сетевых служб (RCE): Накатите обновления на критически важные серверные роли — DHCP-серверы и серверы баз данных SQL Server.
- Мобильные устройства: Установите накопительные обновления на корпоративные ноутбуки для закрытия публичной бреши в BitLocker (CVE-2026-50661).
Внимание на ретроспективный анализ: Ситуацию усложняет тот факт, что за прошедший месяц в публичном доступе (включая GitHub) появились детальные разборы и PoC-эксплойты для критических уязвимостей июня и весны. Среди них: опаснейший RCE в HTTP.sys (CVE-2026-47291), SSRF в Exchange Server (CVE-2026-45504) и логические обходы аутентификации SMB (CVE-2026-24294). Если вы не закрыли эти бреши ранее, ваша сеть подвергается огромному риску прямо сейчас, еще до начала анализа июльского сверхпакета обновлений. Ликвидация технического долга по патчам за прошлые месяцы должна идти параллельно с закрытием Zero-Day уязвимостей июля.