Ру
Русский English

Анализ обновлений Microsoft Patch Tuesday – Июль 2026

Краткое Резюме

Во вторник, 14.07.2026, Microsoft выпустила ежемесячный патч безопасности, устраняющий 622 уязвимости в своих продуктах.

По уровню опасности:

  • Critical - 62;
  • Moderate - 6;
  • Important - 553;
  • Low - 1.

Эксплуатируемые (Zero-Days) и Публично Раскрытые Уязвимости

Особое внимание следует уделить на следующие 3 уязвимости. Их исправление является наивысшим приоритетом:

  • CVE-2026-56155 (CVSS 7.8; Important) - Active Directory Federation Services Elevation of Privilege Vulnerability (Elevation of Privilege). Уязвимость вызвана недостаточной детализацией контроля доступа (CWE-1220) в службах федерации Active Directory (AD FS). Авторизованный злоумышленник с низкими правами в системе может использовать этот недостаток для локального обхода ограничений доступа и повышения своих привилегий до уровня администратора.
  • CVE-2026-56164 (CVSS 5.3; Moderate) - Microsoft SharePoint Server Elevation of Privilege Vulnerability (Elevation of Privilege). Уязвимость вызвана отсутствием проверки подлинности для критически важных функций (CWE-306) в Microsoft SharePoint Server. Удаленный неавторизованный злоумышленник может эксплуатировать ошибку по сети с низким уровнем сложности и без какого-либо взаимодействия с пользователем, что позволяет повысить привилегии в системе. Для защиты и обнаружения потенциальных атак рекомендуется активировать интеграцию с AMSI (Antimalware Scan Interface) и настроить полное сканирование тела POST-запросов для рабочих процессов IIS.
  • CVE-2026-50661 (CVSS 6.1; Important) - Windows BitLocker Security Feature Bypass Vulnerability (Security Feature Bypass). Уязвимость связана со сбоем в механизме защиты Windows BitLocker (CWE-693). Злоумышленник, имеющий непосредственный физический доступ к целевому устройству, может использовать эту уязвимость для обхода функции шифрования дисков BitLocker Device Encryption, что позволяет получить несанкционированный доступ к защищенным и зашифрованным данным на накопителе системы.

Общие тенденции

Июльский Patch Tuesday 2026 года стал беспрецедентным событием в истории обновлений Microsoft. Компания выпустила исправления для рекордных 622 уязвимостей, среди которых 62 имеют статус «Critical». Такой колоссальный объем (фактически заменяющий три-четыре стандартных ежемесячных пакета) создает экстремальную нагрузку на службы системного администрирования и кибербезопасности. Ключевые тенденции этого сверхмасштабного релиза:

  • Выпуск более 600 патчей за один раз указывает либо на обнаружение крупной системной проблемы в базовых библиотеках Windows, либо на накопление результатов длительных аудитов безопасности. В любом случае, это требует от организаций изменения подходов к приоритизации обновлений.
  • Активные атаки на службы идентификации и совместной работы: Особое внимание необходимо обратить на две уязвимости, которые уже активно эксплуатируются злоумышленниками (Zero-Days). Первая — CVE-2026-56155 в AD FS (Active Directory Federation Services). Компрометация единой точки входа (SSO) позволяет атакующим получить доступ к десяткам связанных корпоративных сервисов. Вторая — очередная брешь в SharePoint Server (CVE-2026-56164), требующая для защиты не только патча, но и глубокой настройки сканирования POST-запросов через AMSI.
  • Удар по облачным ИИ-платформам и виртуализации: Microsoft закрыла критические уязвимости повышения привилегий (CVSS 9.9) в Azure OpenAI (CVE-2026-45499) и службе каталогов Microsoft Entra (CVE-2026-57100). Также исправлена опасная брешь в виртуальном коммутаторе VMSwitch (CVE-2026-57092), потенциально позволяющая осуществить побег из виртуальной машины на хост-систему (Hyper-V escape).
  • Инфраструктурные RCE-угрозы: Сектор сетевых служб продолжает оставаться крайне уязвимым. Исправлены критические RCE-ошибки (CVSS 9.8) в DHCP Server, FTP Service, драйвере сетевой карты Windows Server, а также в SQL Server и RDP.
  • Физическая безопасность под вопросом: Публично раскрытая уязвимость обхода BitLocker (CVE-2026-50661) продолжает серию весенне-летних раскрытий методов обхода шифрования дисков. Это критично для защиты информации на мобильных устройствах сотрудников в случае их утери.

Полный Список Уязвимостей

Ниже представлена таблица со всеми уязвимостями, исправленными в этом месяце.

CVETitleTypeCVSSSeverityЭксплуатируетсяПублично Раскрыта
CVE-2026-56155Active Directory Federation Services Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantДаНет
CVE-2026-50661Windows BitLocker Security Feature Bypass VulnerabilitySecurity Feature Bypass6.1ImportantНетДа
CVE-2026-56164Microsoft SharePoint Server Elevation of Privilege VulnerabilityElevation of Privilege5.3ModerateДаНет
CVE-2026-45499Azure OpenAI Elevation of Privilege VulnerabilityElevation of Privilege9.9CriticalНетНет
CVE-2026-57100Microsoft Entra Provisioning Service Elevation of Privilege VulnerabilityElevation of Privilege9.9CriticalНетНет
CVE-2026-57092Microsoft Windows VMSwitch Elevation of Privilege VulnerabilityElevation of Privilege9.9CriticalНетНет
CVE-2026-42990SQL Server ODBC driver Elevation of Privilege VulnerabilityRemote Code Execution9.8ImportantНетНет
CVE-2026-49172Windows FTP Service Remote Code Execution VulnerabilityRemote Code Execution9.8ImportantНетНет
CVE-2026-54990Remote Desktop Client Remote Code Execution VulnerabilityRemote Code Execution9.8ImportantНетНет
CVE-2026-50522Microsoft SharePoint Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalНетНет
CVE-2026-58644Microsoft SharePoint Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalНетНет
CVE-2026-50447Windows Message Queuing Service (MSMQ) Remote Code Execution VulnerabilityRemote Code Execution9.8ImportantНетНет
CVE-2026-50518Windows DHCP Server Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalНетНет
CVE-2026-55010Minecraft Bedrock Dedicated Server Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalНетНет
CVE-2026-55944Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalНетНет
CVE-2026-56159DHCP Server Service Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalНетНет
CVE-2026-56190Remote Desktop Protocol Remote Code Execution VulnerabilityRemote Code Execution9.8ImportantНетНет
CVE-2026-56188Windows Server Network driver Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalНетНет
CVE-2026-48561Microsoft Copilot Remote Code Execution VulnerabilityRemote Code Execution9.6CriticalНетНет
CVE-2026-50380Windows GDI+ Remote Code Execution VulnerabilityRemote Code Execution9.6CriticalНетНет
CVE-2026-55008Microsoft Exchange Server Spoofing VulnerabilitySpoofing9.6CriticalНетНет
CVE-2026-41106Microsoft 365 Copilot Elevation of Privilege VulnerabilityElevation of Privilege9.3CriticalНетНет
CVE-2026-49798Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege9.3ImportantНетНет
CVE-2026-55040Microsoft SharePoint Server Security Feature Bypass VulnerabilitySecurity Feature Bypass9.1CriticalНетНет
CVE-2026-58289Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution9.0ImportantНетНет
CVE-2026-54998Microsoft Exchange Online Elevation of Privilege VulnerabilityElevation of Privilege8.8CriticalНетНет
CVE-2026-47303ASP.NET Core Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50663Game: Age of Empires II: Definitive Edition Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-54107Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-54982Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-54999Windows TCP/IP Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-54117Microsoft SQL Server Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-54118Microsoft SQL Server Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-57969Azure CycleCloud Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-57981Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-56645Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-58608Windows Print Spooler Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-47632Azure Monitor Agent Metrics Extension Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-48564DHCP Server Service Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-49178Windows Active Directory Domain Services Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-49795Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50342Windows MIDI Service Module Elevation of Privileges VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50360Windows SMB Server Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50370DHCP Server Service Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-50398Windows Media Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50382DirectX Graphics Kernel Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-50369Windows Remote Desktop Services Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50385Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50413Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50438Microsoft PC Manager Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50474Remote Desktop Client Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-50444Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityElevation of Privilege8.8CriticalНетНет
CVE-2026-50477Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50489Win32k Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-47295Microsoft SQL Server Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50666Windows Remote Access Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50670Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-54121Active Directory Certificate Services Elevation of Privilege VulnerabilityElevation of Privilege8.8CriticalНетНет
CVE-2026-50687Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-50692Desktop Window Manager Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-55052Microsoft SharePoint Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-41109GitHub Copilot and Visual Studio Code Security Feature Bypass VulnerabilitySecurity Feature Bypass8.8ImportantНетНет
CVE-2026-56196Windows Admin Center (WAC) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-56197Windows Admin Center (WAC) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-56642Microsoft Fabric Data Warehouse Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-56194Windows NFS Server Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-56647Windows Remote Access Service Infrastructure Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-57090Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-57094Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-57087Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalНетНет
CVE-2026-57102Visual Studio Code Security Feature Bypass VulnerabilitySecurity Feature Bypass8.8ImportantНетНет
CVE-2026-57974Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-58277Microsoft SharePoint Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-58534Windows Input Method Editor (IME) Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-58594Remote Desktop Client Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-58626Windows Remote Desktop Services Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-55005Microsoft Exchange Server Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantНетНет
CVE-2026-47300ASP.NET Core Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-47301Configuration Manager Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantНетНет
CVE-2026-57983Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilitySecurity Feature Bypass8.7ImportantНетНет
CVE-2026-50340Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege8.5ImportantНетНет
CVE-2026-54992Microsoft Message Queuing Queue Manager Remote Code Execution VulnerabilityRemote Code Execution8.4CriticalНетНет
CVE-2026-54122Windows GDI+ Remote Code Execution VulnerabilityRemote Code Execution8.4ImportantНетНет
CVE-2026-50520Visual Studio Code Remote Code Execution VulnerabilityRemote Code Execution8.4ImportantНетНет
CVE-2026-49184Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution8.4ImportantНетНет
CVE-2026-54128Windows DHCP Client Remote Code Execution VulnerabilityRemote Code Execution8.4CriticalНетНет
CVE-2026-55045Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution8.4CriticalНетНет
CVE-2026-58281Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantНетНет
CVE-2026-58284Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantНетНет
CVE-2026-58285Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantНетНет
CVE-2026-58287Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantНетНет
CVE-2026-58288Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantНетНет
CVE-2026-58295Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilitySecurity Feature Bypass8.3ImportantНетНет
CVE-2026-58596Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityElevation of Privilege8.3ImportantНетНет
CVE-2026-56181Windows Network Address Translation (NAT) Spoofing VulnerabilitySpoofing8.3ModerateНетНет
CVE-2026-50338Azure Spring Apps Elevation of Privilege VulnerabilityElevation of Privilege8.2ImportantНетНет
CVE-2026-50429Windows Kernel Information Disclosure VulnerabilityInformation Disclosure8.2ImportantНетНет
CVE-2026-50528.NET Security Feature Bypass VulnerabilitySecurity Feature Bypass8.2ImportantНетНет
CVE-2026-50680Windows Hyper-V Elevation of Privilege VulnerabilityElevation of Privilege8.2CriticalНетНет
CVE-2026-58525Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilitySecurity Feature Bypass8.2ImportantНетНет
CVE-2026-42900Microsoft Windows App Store Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantНетНет
CVE-2026-49164Windows Active Directory Domain Services Remote Code Execution VulnerabilityRemote Code Execution8.1CriticalНетНет
CVE-2026-54995Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution VulnerabilityRemote Code Execution8.1CriticalНетНет
CVE-2026-56169Windows Admin Center Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantНетНет
CVE-2026-50694Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution VulnerabilityRemote Code Execution8.1CriticalНетНет
CVE-2026-58595Microsoft Bing App for IOS Spoofing VulnerabilitySpoofing8.1ImportantНетНет
CVE-2026-47304.NET Security Feature Bypass VulnerabilitySecurity Feature Bypass8.1ImportantНетНет
CVE-2026-50460Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantНетНет
CVE-2026-50439Microsoft Message Queuing Queue Manager Remote Code Execution VulnerabilityRemote Code Execution8.1ImportantНетНет
CVE-2026-50487Windows DNS Client Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantНетНет
CVE-2026-50686Windows OLE Remote Code Execution VulnerabilityRemote Code Execution8.1ImportantНетНет
CVE-2026-56186Windows Secure Channel Information Disclosure VulnerabilityInformation Disclosure8.1ImportantНетНет
CVE-2026-58282Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing8.1ImportantНетНет
CVE-2026-58283Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing8.1ImportantНетНет
CVE-2026-58286Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing8.1ImportantНетНет
CVE-2026-58293Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.1ImportantНетНет
CVE-2026-58617M365 Copilot for iOS Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantНетНет
CVE-2026-42975Windows Bluetooth Port Driver Remote Code ExecutionRemote Code Execution8.0ImportantНетНет
CVE-2026-49169Windows DNS Server Remote Code Execution VulnerabilityRemote Code Execution8.0ImportantНетНет
CVE-2026-58647Microsoft PowerBI Report Server Spoofing VulnerabilitySpoofing8.0ImportantНетНет
CVE-2026-40400Windows PowerShell Remote Code Execution VulnerabilityRemote Code Execution8.0ImportantНетНет
CVE-2026-50365Remote Access Management service/API (RPC server) Elevation of Privilege VulnerabilityElevation of Privilege8.0ImportantНетНет
CVE-2026-50502Windows Event Logging Service Remote Code Execution VulnerabilityRemote Code Execution8.0ImportantНетНет
CVE-2026-50683Windows DHCP Client Elevation of Privilege VulnerabilityElevation of Privilege8.0ImportantНетНет
CVE-2026-42982Windows Secure Kernel Mode Elevation of Privilege VulnerabilityElevation of Privilege7.8CriticalНетНет
CVE-2026-47296Microsoft SQL Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-49166Windows Print Configuration Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-49170Windows StateRepository API Server file Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-49176Windows WalletService Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-49175Windows DNS Client Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-49173Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54987Windows Overlay Filter Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50697Windows Common Log File System Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54991Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54986Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54993Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55001Active Directory Domain Services Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54112Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-55004Windows Print Configuration Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54109Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-54114Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-55011Microsoft Defender Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55012Microsoft Defender Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55002Microsoft SQL Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50675Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55899Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55948Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-57107Windows Admin Center Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-55014Windows Remote Help Defense Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58601Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege VulernabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58602Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58609Windows Graphics Component Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-58610Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-58618Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-58631Windows Admin Center (WAC) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-58635Windows Narrator Braille Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58636Microsoft PC Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-44800Windows Push Notifications Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-48581Surface Broker SDMA Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-49783Secure Boot Security Feature Bypass VulnerabilitySecurity Feature Bypass7.8ImportantНетНет
CVE-2026-49792Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-49793Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-49796Windows GDI+ Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-49797Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-49800Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50308Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50311Windows Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50333Windows Spaceport.sys Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50318Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50351Windows Audio Compression Manager (ACM) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-49808Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50293Windows Internal Task Bar Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50332Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50305Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50329Microsoft DWM Core Library Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50363Windows Push Notifications Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50306Windows TCP/IP Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50412Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50337Windows Notification Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50386Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50400Windows App Package Installer Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50309Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50326Windows Unified Consent System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50313Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50440Windows Audio Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50327Windows Media Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-50407Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50331Windows Application Model Core API Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50343Microsoft Install Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50347Windows Data.dll Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50321Windows USB Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50425Windows Internal System User Profile Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50315Windows Image Acquisition Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50357Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50335Windows Operating Systems Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50361Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50317Windows Operating Systems Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50373Windows Search Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50353DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50388Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50336Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50433Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50391Windows Group Policy Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50423Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50378Windows Key Guard Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50346Netlogon RPC Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50405Windows Filtering Platform Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50448Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50387Windows GDI Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50344Windows OLE Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50436Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50471Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50469Windows Projected File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50454Windows User Interface Core Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50427Content Delivery Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50422Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50421Windows Connected User Experiences and Telemetry Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50367Windows Sensor Data Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50466Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50402NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50435Windows Overlay Filter Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50441Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50462Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50457Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50399Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50461Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50417Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50362Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50458Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50476Windows Network Connections Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50450Windows Network Connections Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50478Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50479Windows USB Hub Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50480Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50484Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50493DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50486Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50488Clipboard User Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50499Windows Print Spooler Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50494Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50498Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50501Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50509Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50510GitHub Copilot Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50646.NET Framework Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50649.NET Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50650.NET Framework Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50655Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-50667Windows Common Log File System Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50673Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50676Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50677Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54115Windows Message Queuing (MSMQ) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50679Windows Search Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50688Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-50689Windows Clipboard Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54125Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-47290Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-47642Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50301Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-50314Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-50467Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55017Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55024Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55018Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55022Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55025Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55125Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55031Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55048Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55029Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55039Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55049Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55032Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55033Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55041Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55127Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55136Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55141Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55129Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55036Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55044Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55055Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55037Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55058Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55038Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55132Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55137Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55053Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55131Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55134Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55056Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55140Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55128Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55130Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55043Microsoft PowerPoint Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55133Microsoft OneNote Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55123Microsoft PowerPoint Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-55120Microsoft PowerPoint Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-54131Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55947Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-55949Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-56156Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-56176Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-56175Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-56182Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-56189Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-50665Microsoft Office Information Disclosure VulnerabilityInformation Disclosure7.8ImportantНетНет
CVE-2026-56643DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-56644DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-54124Windows Terminal Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-56650Windows Network File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-57091Windows File History Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-57088Extensible Storage Engine (ESENT) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-57096Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-57968Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58527Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58530Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-58538Windows Bluetooth Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58540Windows Installer Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58532Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58537Microsoft NAT Helper Components (ipnathlp.dll) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58536Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58542Windows Media Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalНетНет
CVE-2026-58541Microsoft DWM Core Library Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-47305Visual Studio Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantНетНет
CVE-2026-58613Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58628Windows Wireless Network Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58632Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58633Desktop Window Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-58634Desktop Window Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-55006Microsoft Exchange Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-55009Microsoft Exchange Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantНетНет
CVE-2026-57985Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.6ImportantНетНет
CVE-2026-49171Windows Speech Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantНетНет
CVE-2026-50506OData for ASP.NET and ASP.NET Core Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-54983Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50695Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50696Internet Key Exchange (IKE) Protocol Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-54119Windows Active Directory Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50524.NET Framework Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-56170ASP.NET Core Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-57984Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-57986Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-57992Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-58276Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-50652Azure Active Directory Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50653Azure Active Directory Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-40378Windows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-45646OData for ASP.NET and ASP.NET Core Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-49181Windows DHCP Client Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantНетНет
CVE-2026-49787HTTP.sys Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-49788HTTP/2 Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50304Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50328Windows Server Update Service (WSUS) Tampering VulnerabilityTampering7.5ImportantНетНет
CVE-2026-50368Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50330Windows Remote Desktop Client Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantНетНет
CVE-2026-50355Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50414Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantНетНет
CVE-2026-50379Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantНетНет
CVE-2026-50463Windows Kernel Information Disclosure VulnerabilityInformation Disclosure7.5ImportantНетНет
CVE-2026-50411Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50424Windows Domain Controller Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50470Windows Network Policy Server SNMP Information Disclosure VulnerabilityInformation Disclosure7.5ImportantНетНет
CVE-2026-50500Windows Netlogon Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantНетНет
CVE-2026-50505Windows Message Queuing Service (MSMQ) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-50496Windows Network Policy Server SNMP Information Disclosure VulnerabilityInformation Disclosure7.5ImportantНетНет
CVE-2026-50525.NET Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50527.NET Framework Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50647Active Directory Federation Server Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50648.NET Framework Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50651.NET Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-50685Windows DHCP Server Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-56648Windows NFS Server Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantНетНет
CVE-2026-57089Windows SMB Server Network Transport Driver (srvnet.sys) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-57108.NET Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-57975Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-58290Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-58292Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-58294Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-58299Microsoft Edge for Android Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantНетНет
CVE-2026-58531Windows SMB Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantНетНет
CVE-2026-58627Windows DHCP Server Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-47302.NET Denial of Service VulnerabilityDenial of Service7.5ImportantНетНет
CVE-2026-54127Windows Hyper-V Elevation of Privilege VulnerabilityElevation of Privilege7.4CriticalНетНет
CVE-2026-57991Microsoft Edge (Chromium-based) Information Disclosure VulnerabilityInformation Disclosure7.4ImportantНетНет
CVE-2026-57993Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing7.4ImportantНетНет
CVE-2026-58640Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.3ImportantНетНет
CVE-2026-49789Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.3ImportantНетНет
CVE-2026-49790Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege VulnerabilityElevation of Privilege7.3ImportantНетНет
CVE-2026-50364Windows Backup Service Elevation of Privilege VulnerabilityElevation of Privilege7.3ImportantНетНет
CVE-2026-50482Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.3ImportantНетНет
CVE-2026-55021Microsoft SharePoint Server Spoofing VulnerabilitySpoofing7.3ImportantНетНет
CVE-2026-55034Microsoft SharePoint Server Spoofing VulnerabilitySpoofing7.3ImportantНетНет
CVE-2026-55126Microsoft SharePoint Server Spoofing VulnerabilitySpoofing7.3ImportantНетНет
CVE-2026-58298Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing7.2ImportantНетНет
CVE-2026-49165Microsoft Windows App Store Information Disclosure VulnerabilityInformation Disclosure7.1ImportantНетНет
CVE-2026-55144Windows Cryptography API: Next Generation (CNG) Tampering VulnerabilityTampering7.1ImportantНетНет
CVE-2026-56193Microsoft Office Information Disclosure VulnerabilityInformation Disclosure7.1ImportantНетНет
CVE-2026-57988Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.1ImportantНетНет
CVE-2026-49791Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityElevation of Privilege7.1ImportantНетНет
CVE-2026-50354Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.1ImportantНетНет
CVE-2026-50428Windows Container Isolation FS Filter Driver (unionfs.sys) Information Disclosure VulnerabilityInformation Disclosure7.1ImportantНетНет
CVE-2026-50451Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityElevation of Privilege7.1ImportantНетНет
CVE-2026-50465Windows DNS Client Tampering VulnerabilityTampering7.1ImportantНетНет
CVE-2026-50682Active Directory Denial of Service VulnerabilityDenial of Service7.1ImportantНетНет
CVE-2026-55122Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure7.1ImportantНетНет
CVE-2026-57101Visual Studio Code Security Feature Bypass VulnerabilitySecurity Feature Bypass7.1ImportantНетНет
CVE-2026-57977Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing7.1ImportantНетНет
CVE-2026-58296Microsoft Edge for Android Information Disclosure VulnerabilityInformation Disclosure7.1ImportantНетНет
CVE-2026-58297Microsoft Edge for Android Information Disclosure VulnerabilityInformation Disclosure7.1ImportantНетНет
CVE-2026-58529Windows Active Directory Federation Services (ADFS) Information Disclosure VulnerabilityInformation Disclosure7.1ImportantНетНет
CVE-2026-48572Windows App Package Installer Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-48571Windows App Package Installer Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-49162Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-49784Microsoft Windows App Store Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-54129Windows Hyper-V Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-54989Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-54111Universal Print Management Service Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-54996Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-58526Windows Storage Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-49183Windows Clipboard Server Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-49802Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-49806Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-49805Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-49803Windows AppX Deployment Extensions Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50323Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50296DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50297Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50325Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50356Microsoft Windows App Store Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50384Windows Clip Service Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50372Windows Redirected Drive Buffering System Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50392Windows Secure Kernel Mode Elevation of Privilege VulnerabilityElevation of Privilege7.0CriticalНетНет
CVE-2026-50393Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50307Windows TCP/IP Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50396Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50390Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50452Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50348Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50345Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50322Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50404Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50358Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50410Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50449Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50371Windows LUA File Virtualization Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50403Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50397Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50406Windows Backup Engine Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50459Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50490Windows Installer Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50491Code Integrity DLL (ci.dll) Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50503Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50526.NET Tampering VulnerabilityTampering7.0ImportantНетНет
CVE-2026-50658Microsoft Defender for Endpoint for Mac Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50669Windows Telephony Server Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50672Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50674Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-50359Microsoft XML Core Services Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-56173Windows WebView Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-56183Windows MIDI Service Module Elevation of Privileges VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-56187Windows MIDI Service Module Elevation of Privileges VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-57093Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-58544Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-58619Windows Sensor Data Service Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-58629DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-58637Windows Client-Side Caching Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantНетНет
CVE-2026-49168Storage Spaces Direct Elevation of Privilege VulnerabilityElevation of Privilege6.8ImportantНетНет
CVE-2026-54132Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege6.8ImportantНетНет
CVE-2026-50299Windows Storage Spaces Direct Remote Code Execution VulnerabilityRemote Code Execution6.8ImportantНетНет
CVE-2026-50298Windows Spaceport.sys Elevation of Privilege VulnerabilityElevation of Privilege6.8ImportantНетНет
CVE-2026-50426Windows DNS Server Remote Code Execution VulnerabilityRemote Code Execution6.8ImportantНетНет
CVE-2026-50492Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution6.8ImportantНетНет
CVE-2026-50668Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of Privilege6.8ImportantНетНет
CVE-2026-58522Microsoft Edge for Android Information Disclosure VulnerabilityInformation Disclosure6.8ImportantНетНет
CVE-2026-58528Windows USB Audio Class Driver Information Disclosure VulnerabilityInformation Disclosure6.8ImportantНетНет
CVE-2026-50678Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure6.6ImportantНетНет
CVE-2026-49804Windows USB Video Driver Elevation of Privilege VulnerabilityElevation of Privilege6.6ImportantНетНет
CVE-2026-45489Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing6.5ModerateНетНет
CVE-2026-47282GitHub Copilot and Visual Studio Code Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-55003Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-54108Microsoft SharePoint Server Spoofing VulnerabilitySpoofing6.5ImportantНетНет
CVE-2026-56185Windows Admin Center Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-57976Windows Active Directory Domain Services Denial of Service VulnerabilityDenial of Service6.5ImportantНетНет
CVE-2026-57979Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-57987Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing6.5ImportantНетНет
CVE-2026-58279Azure CycleCloud Elevation of Privilege VulnerabilityElevation of Privilege6.5ImportantНетНет
CVE-2026-56646Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing6.5ImportantНетНет
CVE-2026-34348Windows Event Logging Service Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-49799Windows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityDenial of Service6.5ImportantНетНет
CVE-2026-50366Windows Active Directory Domain Services Denial of Service VulnerabilityDenial of Service6.5ImportantНетНет
CVE-2026-50376Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-50445Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-50497Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-50504Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-50659.NET Spoofing VulnerabilitySpoofing6.5ImportantНетНет
CVE-2026-54126Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-55054Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-55051Microsoft SharePoint Server Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-50468Microsoft SQL Server Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-54116Microsoft SQL Server Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-56168Windows SMB Server Denial of Service VulnerabilityDenial of Service6.5ImportantНетНет
CVE-2026-57982Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-58523Microsoft Edge for Android Security Feature Bypass VulnerabilitySecurity Feature Bypass6.5ImportantНетНет
CVE-2026-58533Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-58535Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-58546Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-58539Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantНетНет
CVE-2026-55000Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege6.4ImportantНетНет
CVE-2026-57097Microsoft XML Security Feature Bypass VulnerabilitySecurity Feature Bypass6.4ImportantНетНет
CVE-2026-50375DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege6.3ImportantНетНет
CVE-2026-50374Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege6.3ImportantНетНет
CVE-2026-57973Windows Subsystem for Linux (WSL2) Kernel Tampering VulnerabilityTampering6.3ImportantНетНет
CVE-2026-58543Universal Print Management Service Elevation of Privilege VulnerabilityElevation of Privilege6.3ImportantНетНет
CVE-2026-55145Outlook Copilot Tampering VulnerabilityTampering6.3ModerateНетНет
CVE-2026-50294Windows Kernel Information Disclosure VulnerabilityInformation Disclosure6.2ImportantНетНет
CVE-2026-49807Windows DirectX Information Disclosure VulnerabilityInformation Disclosure6.2ImportantНетНет
CVE-2026-50420HTTP.sys Information Disclosure VulnerabilityInformation Disclosure6.2ImportantНетНет
CVE-2026-55026Microsoft Office Information Disclosure VulnerabilityInformation Disclosure6.2ImportantНетНет
CVE-2026-57095Win32k Elevation of Privilege VulnerabilityElevation of Privilege6.2ImportantНетНет
CVE-2026-58300Microsoft Edge for Android Information Disclosure VulnerabilityInformation Disclosure6.2ImportantНетНет
CVE-2026-49174DNS Client Tampering VulnerabilityTampering6.1ImportantНетНет
CVE-2026-54988Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure6.1ImportantНетНет
CVE-2026-50383Windows Print Spooler Information Disclosure VulnerabilityInformation Disclosure6.1ImportantНетНет
CVE-2026-50453Windows USB Audio Class Driver Information Disclosure VulnerabilityInformation Disclosure6.1ImportantНетНет
CVE-2026-50495DNS Client Tampering VulnerabilityTampering6.1ImportantНетНет
CVE-2026-55898Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure6.1ImportantНетНет
CVE-2026-58291Microsoft Edge (Chromium-based) Information Disclosure VulnerabilityInformation Disclosure6.1ImportantНетНет
CVE-2026-58638Windows Boot Loader Security Feature Bypass VulnerabilitySecurity Feature Bypass6.0ImportantНетНет
CVE-2026-50324Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service5.9ImportantНетНет
CVE-2026-56649Windows Network File System Remote Code Execution VulnerabilityRemote Code Execution5.9ImportantНетНет
CVE-2026-34349Windows Media Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-34346Windows Ancillary Function Driver for WinSock Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-49177Windows TCP/IP Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-45496Visual Studio Code Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantНетНет
CVE-2026-54997Windows SMB Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-58614Windows Kernel Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantНетНет
CVE-2026-33842Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-34328Windows Audio Service Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-40422Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-41087Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-49180Universal Plug and Play (upnp.dll) Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-49801Windows SMB Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50316Windows Kernel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50295Windows Zero Trust DNS Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantНетНет
CVE-2026-50350Windows Trusted Runtime Interface Driver Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50381Composite Image File System driver (cimfs.sys) Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50300Windows DWM Core Library Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50303Windows Key Guard Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantНетНет
CVE-2026-50341Windows NTFS Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50434Windows Push Notification Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50339Windows Push Notification Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50430Windows Push Notification Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50377Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege5.5ImportantНетНет
CVE-2026-50401Windows Cloud Files Mini Filter Driver Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50334Windows Push Notification Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50352Windows Cryptographic Services Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50437Windows DWM Core Library Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50455Universal Plug and Play (upnp.dll) Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50409Windows Overlay Filter Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50473Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50442Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50389Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50456Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50431Windows Quality of Service (QoS) Packet Scheduler Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50394Windows Media Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50475Windows Kernel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50483Windows Graphics Component Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50681Windows Secure Channel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50690Windows SMB Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-48580Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-50408Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55046Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55023Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55027Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55028Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55047Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55050Microsoft Word Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55138Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55124Microsoft Word Information Disclosure VulnerabilityRemote Code Execution5.5ImportantНетНет
CVE-2026-55035Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55057Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55142Microsoft Word Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55042Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-55139Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-56184Win32k Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-56192Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-56195Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-56178Microsoft Defender for Endpoint for Mac Elevation of Privilege VulnerabilityElevation of Privilege5.5ImportantНетНет
CVE-2026-57083Windows Media Photo Codec Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-57084Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-57085Windows Print Spooler Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-58547Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege VulnerabilityElevation of Privilege5.5ImportantНетНет
CVE-2026-58545Windows Kernel Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantНетНет
CVE-2026-55121Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantНетНет
CVE-2026-45488Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing5.4ModerateНетНет
CVE-2026-58278Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing5.4ImportantНетНет
CVE-2026-56157Microsoft SharePoint Server Spoofing VulnerabilitySpoofing5.4ImportantНетНет
CVE-2026-58524Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing5.4ImportantНетНет
CVE-2026-44806Windows Secure Channel Denial of Service VulnerabilityDenial of Service5.3ImportantНетНет
CVE-2026-50432Window Virtual Filtering Platform (VFP) Denial of Service VulnerabilityDenial of Service5.3ImportantНетНет
CVE-2026-50415Windows Media Information Disclosure VulnerabilityInformation Disclosure5.3ImportantНетНет
CVE-2026-50418Windows System Secure Feature Bypass VulnerabilitySecurity Feature Bypass5.1ImportantНетНет
CVE-2026-26145Microsoft Azure Synapse Elevation of Privilege VulnerabilityElevation of Privilege4.8CriticalНетНет
CVE-2026-50684Active Directory Federation Server Spoofing VulnerabilitySpoofing4.8ImportantНетНет
CVE-2026-49167Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege4.7ImportantНетНет
CVE-2026-50310Windows Human Interface Device Information Disclosure VulnerabilityInformation Disclosure4.7ImportantНетНет
CVE-2026-50312Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege4.7ImportantНетНет
CVE-2026-50657Microsoft Defender for Endpoint for Mac Information Disclosure VulnerabilityInformation Disclosure4.7ImportantНетНет
CVE-2026-49794Windows USB Audio Class Driver Information Disclosure VulnerabilityInformation Disclosure4.6ImportantНетНет
CVE-2026-55016Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantНетНет
CVE-2026-55019Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantНетНет
CVE-2026-55020Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantНетНет
CVE-2026-55030Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantНетНет
CVE-2026-55135Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantНетНет
CVE-2026-50485Windows Hyper-V Denial of Service VulnerabilityDenial of Service4.5ImportantНетНет
CVE-2026-58597Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing4.3LowНетНет
CVE-2026-55945Microsoft Edge (Chromium-based) Information Disclosure VulnerabilityInformation Disclosure4.2ModerateНетНет
CVE-2026-50302Windows Cryptographic Services Security Feature Bypass VulnerabilitySecurity Feature Bypass4.2ImportantНетНет
CVE-2026-50419Windows Kernel Information Disclosure VulnerabilityInformation Disclosure3.3ImportantНетНет
CVE-2026-50416Win32k Information Disclosure VulnerabilityInformation Disclosure3.3ImportantНетНет

Ретроспективный анализ уязвимостей

  • CVE-2026-26114 - Microsoft SharePoint Server Remote Code Execution Vulnerability (Remote Code Execution). Уязвимость десериализации недоверенных данных, позволяющая авторизованному злоумышленнику с минимальными правами участника сайта (Site Member) выполнить произвольный код на сервере. Опубликованный PoC демонстрирует эксплуатацию полной цепочки (full-chain): использование SQL-инъекции в компоненте Taxonomy для внедрения специально сформированного объекта в системную таблицу, который затем автоматически десериализуется фоновой службой SharePoint (OWSTIMER). Уязвимость была исправлена в марте 2026 года.

  • CVE-2026-33829 - Windows Snipping Tool Spoofing Vulnerability (Spoofing). Уязвимость в приложении «Ножницы» (Snipping Tool), позволяющая раскрыть Net-NTLM хэши пользователей. Проблема связана с недостаточной валидацией входных данных в зарегистрированном обработчике URI-схемы ms-screensketch. Злоумышленник может обманом заставить жертву перейти по специально подготовленной ссылке, параметр filePath в которой указывает на внешний SMB-ресурс. При переходе и подтверждении запуска приложения система автоматически пытается загрузить файл по сети, передавая NTLM-хэш пользователя на сервер атакующего. На GitHub опубликован детальный разбор для данной уязвимости. Она была исправлена в апреле 2026 года.

  • CVE-2026-47291 — HTTP.sys Remote Code Execution Vulnerability (Remote Code Execution). Уязвимость представляет собой целочисленное переполнение, приводящее к переполнению буфера в куче ядра Windows при обработке HTTP-запросов драйвером HTTP.sys. Проблема возникает из-за некорректного приведения типов при увеличении счетчика лимита заголовков, в результате чего под новый массив выделяется буфер недостаточного размера. Неаутентифицированный злоумышленник может направить специально созданный HTTP- или HTTP/2-запрос со множеством заголовков, что вызывает перезапись памяти ядра во время копирования данных и позволяет удаленно выполнить произвольный код с системными привилегиями. На GitHub доступен PoC, демонстрирующий механизм переполнения счетчика при отправке большого количества заголовков. Уязвимость была исправлена в июне 2026 года.

  • CVE-2026-45504 — Microsoft Exchange Server Elevation of Privilege Vulnerability (Elevation of Privilege). Уязвимость типа Server-Side Request Forgery (SSRF), связанная с некорректной валидацией путей при обработке внешних вложений (Reference Attachments). Авторизованный злоумышленник с низким уровнем привилегий и активным почтовым ящиком может создать сообщение со ссылкой на внешний контролируемый ресурс, который при обращении возвращает XML-ответ с локальным путем (например, к системным файлам). При вызове функции предварительного просмотра вложения в OWA (GetAttachmentPreview) сервер Exchange обрабатывает этот путь и возвращает содержимое локального файла пользователю, что позволяет обойти ограничения доступа и повысить привилегии в системе. На GitHub доступен PoC демонстрирующий данную уязвимость. Уязвимость была исправлена в июне 2026 года.

  • CVE-2026-42980 — Windows NT OS Kernel Elevation of Privilege Vulnerability (Elevation of Privilege). Уязвимость связана с целочисленным переполнением снизу (Integer Underflow) в подсистеме WMI ядра Windows (ntoskrnl.exe) при вызове функций WmipQueryAllDataMultiple (IOCTL 0x22812C) и WmipQuerySingleMultiple (IOCTL 0x228130). Из-за некорректного вычитания размера данных из беззнакового 32-битного счетчика оставшегося буфера переменная длины принимает критически большое значение. Это позволяет локальному пользователю спровоцировать переполнение буфера в куче ядра, перезаписать смежные структуры именованных каналов (NP_DATA_QUEUE_ENTRY) и повысить свои привилегии до уровня SYSTEM. На GitHub доступно подробное техническое описание и PoC для данной уязвимости. Уязвимость была исправлена в июне 2026 года.

Вывод

Июльский выпуск обновлений — это беспрецедентный вызов для ИТ-инфраструктуры любой организации. Обработать 622 уязвимости за стандартный цикл тестирования практически невозможно, поэтому критически важна приоритизация.

Рекомендуемый план действий на июль:

  1. Срочное закрытие уязвимостей «нулевого дня» (Zero-Days):
    • Немедленно обновите серверы аутентификации AD FS (CVE-2026-56155), чтобы исключить компрометацию учетных записей.
    • Установите патчи на серверы SharePoint (CVE-2026-56164) и настройте интеграцию с AMSI для инспекции входящего веб-трафика.
  2. Защита облачных систем и виртуализации: Обновите гипервизоры Hyper-V (для закрытия бреши в VMSwitch) и синхронизируйте политики безопасности для облачных платформ Entra и Azure OpenAI.
  3. Защита сетевых служб (RCE): Накатите обновления на критически важные серверные роли — DHCP-серверы и серверы баз данных SQL Server.
  4. Мобильные устройства: Установите накопительные обновления на корпоративные ноутбуки для закрытия публичной бреши в BitLocker (CVE-2026-50661).

Внимание на ретроспективный анализ: Ситуацию усложняет тот факт, что за прошедший месяц в публичном доступе (включая GitHub) появились детальные разборы и PoC-эксплойты для критических уязвимостей июня и весны. Среди них: опаснейший RCE в HTTP.sys (CVE-2026-47291), SSRF в Exchange Server (CVE-2026-45504) и логические обходы аутентификации SMB (CVE-2026-24294). Если вы не закрыли эти бреши ранее, ваша сеть подвергается огромному риску прямо сейчас, еще до начала анализа июльского сверхпакета обновлений. Ликвидация технического долга по патчам за прошлые месяцы должна идти параллельно с закрытием Zero-Day уязвимостей июля.

Paranoid Security Анализ обновлений Microsoft Patch Tuesday – Июнь 2026 9 июня
MS Patch Tuesday Анализ обновлений Microsoft Patch Tuesday – Июнь 2026
Paranoid Security Анализ обновлений Microsoft Patch Tuesday – Май 2026 12 мая
MS Patch Tuesday Анализ обновлений Microsoft Patch Tuesday – Май 2026
Paranoid Security Анализ обновлений Microsoft Patch Tuesday – Апрель 2026 14 апреля
MS Patch Tuesday Анализ обновлений Microsoft Patch Tuesday – Апрель 2026