Microsoft Patch Tuesday Analysis – July 2026
Executive Summary
On Tuesday, July 14, 2026, Microsoft released its monthly security update, addressing 622 vulnerabilities across its products.
By Severity:
- Critical - 62;
- Moderate - 6;
- Important - 553;
- Low - 1.
Exploited (Zero-Days) and Publicly Disclosed Vulnerabilities
Particular attention should be paid to the following 3 vulnerabilities. Addressing them is the highest priority:
- CVE-2026-56155 (CVSS 7.8; Important) - Active Directory Federation Services Elevation of Privilege Vulnerability (Elevation of Privilege). This vulnerability is caused by insufficient access control granularity (CWE-1220) in Active Directory Federation Services (AD FS). An authorized, low-privileged attacker can exploit this flaw to locally bypass access restrictions and elevate their privileges to administrator level.
- CVE-2026-56164 (CVSS 5.3; Moderate) - Microsoft SharePoint Server Elevation of Privilege Vulnerability (Elevation of Privilege). This vulnerability is caused by a missing authentication for a critical function (CWE-306) in Microsoft SharePoint Server. A remote, unauthorized attacker can exploit this flaw over the network with low complexity and without any user interaction, allowing them to elevate privileges in the system. To protect against and detect potential attacks, it is recommended to enable AMSI (Antimalware Scan Interface) integration and configure full scanning of POST request bodies for IIS worker processes.
- CVE-2026-50661 (CVSS 6.1; Important) - Windows BitLocker Security Feature Bypass Vulnerability (Security Feature Bypass). This vulnerability is related to a protection mechanism failure in Windows BitLocker (CWE-693). An attacker with direct physical access to the target device can exploit this vulnerability to bypass the BitLocker Device Encryption feature, allowing unauthorized access to protected and encrypted data on the system drive.
General Trends
The July 2026 Patch Tuesday was an unprecedented event in the history of Microsoft updates. The company released patches for a record-breaking 622 vulnerabilities, 62 of which are rated "Critical." This massive volume—effectively replacing three to four standard monthly updates—places an extreme workload on system administration and cybersecurity teams. Key trends of this large-scale release include:
- Releasing over 600 patches at once indicates either the discovery of a major systemic issue in Windows base libraries or the accumulation of findings from long-term security audits. In either case, organizations are required to adjust their patch prioritization strategies.
- Active attacks on identity and collaboration services: Special attention must be paid to two vulnerabilities that are already actively exploited by attackers (Zero-Days). The first is CVE-2026-56155 in AD FS (Active Directory Federation Services). Compromising a Single Sign-On (SSO) entry point allows attackers to gain access to dozens of linked enterprise services. The second is another flaw in SharePoint Server (CVE-2026-56164), which requires not only a patch but also deep configuration of POST request scanning via AMSI for adequate protection.
- Impact on cloud AI platforms and virtualization: Microsoft addressed critical elevation of privilege vulnerabilities (CVSS 9.9) in Azure OpenAI (CVE-2026-45499) and the Microsoft Entra directory service (CVE-2026-57100). A dangerous flaw was also fixed in the VMSwitch virtual switch (CVE-2026-57092), which could potentially allow a virtual machine escape to the host system (Hyper-V escape).
- Infrastructure RCE threats: The network services sector remains highly vulnerable. Critical RCE bugs (CVSS 9.8) were fixed in the DHCP Server, FTP Service, the Windows Server network card driver, as well as in SQL Server and RDP.
- Physical security questioned: The publicly disclosed BitLocker bypass vulnerability (CVE-2026-50661) continues a series of spring and summer disclosures concerning methods to bypass disk encryption. This is critical for protecting information on employees' mobile devices in the event of loss.
Full List of Vulnerabilities
Below is a table listing all the vulnerabilities addressed this month.
| CVE | Title | Type | CVSS | Severity | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|
| CVE-2026-56155 | Active Directory Federation Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Yes | No |
| CVE-2026-50661 | Windows BitLocker Security Feature Bypass Vulnerability | Security Feature Bypass | 6.1 | Important | No | Yes |
| CVE-2026-56164 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Elevation of Privilege | 5.3 | Moderate | Yes | No |
| CVE-2026-45499 | Azure OpenAI Elevation of Privilege Vulnerability | Elevation of Privilege | 9.9 | Critical | No | No |
| CVE-2026-57100 | Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability | Elevation of Privilege | 9.9 | Critical | No | No |
| CVE-2026-57092 | Microsoft Windows VMSwitch Elevation of Privilege Vulnerability | Elevation of Privilege | 9.9 | Critical | No | No |
| CVE-2026-42990 | SQL Server ODBC driver Elevation of Privilege Vulnerability | Remote Code Execution | 9.8 | Important | No | No |
| CVE-2026-49172 | Windows FTP Service Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Important | No | No |
| CVE-2026-54990 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Important | No | No |
| CVE-2026-50522 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | No | No |
| CVE-2026-58644 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | No | No |
| CVE-2026-50447 | Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Important | No | No |
| CVE-2026-50518 | Windows DHCP Server Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | No | No |
| CVE-2026-55010 | Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | No | No |
| CVE-2026-55944 | Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | No | No |
| CVE-2026-56159 | DHCP Server Service Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | No | No |
| CVE-2026-56190 | Remote Desktop Protocol Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Important | No | No |
| CVE-2026-56188 | Windows Server Network driver Remote Code Execution Vulnerability | Remote Code Execution | 9.8 | Critical | No | No |
| CVE-2026-48561 | Microsoft Copilot Remote Code Execution Vulnerability | Remote Code Execution | 9.6 | Critical | No | No |
| CVE-2026-50380 | Windows GDI+ Remote Code Execution Vulnerability | Remote Code Execution | 9.6 | Critical | No | No |
| CVE-2026-55008 | Microsoft Exchange Server Spoofing Vulnerability | Spoofing | 9.6 | Critical | No | No |
| CVE-2026-41106 | Microsoft 365 Copilot Elevation of Privilege Vulnerability | Elevation of Privilege | 9.3 | Critical | No | No |
| CVE-2026-49798 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 9.3 | Important | No | No |
| CVE-2026-55040 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Security Feature Bypass | 9.1 | Critical | No | No |
| CVE-2026-58289 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 9.0 | Important | No | No |
| CVE-2026-54998 | Microsoft Exchange Online Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Critical | No | No |
| CVE-2026-47303 | ASP.NET Core Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50663 | Game: Age of Empires II: Definitive Edition Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-54107 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-54982 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-54999 | Windows TCP/IP Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-54117 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-54118 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-57969 | Azure CycleCloud Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-57981 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-56645 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-58608 | Windows Print Spooler Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-47632 | Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-48564 | DHCP Server Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-49178 | Windows Active Directory Domain Services Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-49795 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50342 | Windows MIDI Service Module Elevation of Privileges Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50360 | Windows SMB Server Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50370 | DHCP Server Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-50398 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50382 | DirectX Graphics Kernel Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-50369 | Windows Remote Desktop Services Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50385 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50413 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50438 | Microsoft PC Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50474 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-50444 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Critical | No | No |
| CVE-2026-50477 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50489 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-47295 | Microsoft SQL Server Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50666 | Windows Remote Access Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50670 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-54121 | Active Directory Certificate Services Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Critical | No | No |
| CVE-2026-50687 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-50692 | Desktop Window Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-55052 | Microsoft SharePoint Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-41109 | GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass | 8.8 | Important | No | No |
| CVE-2026-56196 | Windows Admin Center (WAC) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-56197 | Windows Admin Center (WAC) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-56642 | Microsoft Fabric Data Warehouse Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-56194 | Windows NFS Server Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-56647 | Windows Remote Access Service Infrastructure Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-57090 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-57094 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-57087 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2026-57102 | Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass | 8.8 | Important | No | No |
| CVE-2026-57974 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-58277 | Microsoft SharePoint Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-58534 | Windows Input Method Editor (IME) Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-58594 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-58626 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-55005 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2026-47300 | ASP.NET Core Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-47301 | Configuration Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2026-57983 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Security Feature Bypass | 8.7 | Important | No | No |
| CVE-2026-50340 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 8.5 | Important | No | No |
| CVE-2026-54992 | Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | No | No |
| CVE-2026-54122 | Windows GDI+ Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Important | No | No |
| CVE-2026-50520 | Visual Studio Code Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Important | No | No |
| CVE-2026-49184 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Important | No | No |
| CVE-2026-54128 | Windows DHCP Client Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | No | No |
| CVE-2026-55045 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | No | No |
| CVE-2026-58281 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | No | No |
| CVE-2026-58284 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | No | No |
| CVE-2026-58285 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | No | No |
| CVE-2026-58287 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | No | No |
| CVE-2026-58288 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.3 | Important | No | No |
| CVE-2026-58295 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Security Feature Bypass | 8.3 | Important | No | No |
| CVE-2026-58596 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Elevation of Privilege | 8.3 | Important | No | No |
| CVE-2026-56181 | Windows Network Address Translation (NAT) Spoofing Vulnerability | Spoofing | 8.3 | Moderate | No | No |
| CVE-2026-50338 | Azure Spring Apps Elevation of Privilege Vulnerability | Elevation of Privilege | 8.2 | Important | No | No |
| CVE-2026-50429 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 8.2 | Important | No | No |
| CVE-2026-50528 | .NET Security Feature Bypass Vulnerability | Security Feature Bypass | 8.2 | Important | No | No |
| CVE-2026-50680 | Windows Hyper-V Elevation of Privilege Vulnerability | Elevation of Privilege | 8.2 | Critical | No | No |
| CVE-2026-58525 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Security Feature Bypass | 8.2 | Important | No | No |
| CVE-2026-42900 | Microsoft Windows App Store Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | No | No |
| CVE-2026-49164 | Windows Active Directory Domain Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2026-54995 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2026-56169 | Windows Admin Center Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | No | No |
| CVE-2026-50694 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2026-58595 | Microsoft Bing App for IOS Spoofing Vulnerability | Spoofing | 8.1 | Important | No | No |
| CVE-2026-47304 | .NET Security Feature Bypass Vulnerability | Security Feature Bypass | 8.1 | Important | No | No |
| CVE-2026-50460 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | No | No |
| CVE-2026-50439 | Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Important | No | No |
| CVE-2026-50487 | Windows DNS Client Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | No | No |
| CVE-2026-50686 | Windows OLE Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Important | No | No |
| CVE-2026-56186 | Windows Secure Channel Information Disclosure Vulnerability | Information Disclosure | 8.1 | Important | No | No |
| CVE-2026-58282 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 8.1 | Important | No | No |
| CVE-2026-58283 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 8.1 | Important | No | No |
| CVE-2026-58286 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 8.1 | Important | No | No |
| CVE-2026-58293 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Important | No | No |
| CVE-2026-58617 | M365 Copilot for iOS Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | No | No |
| CVE-2026-42975 | Windows Bluetooth Port Driver Remote Code Execution | Remote Code Execution | 8.0 | Important | No | No |
| CVE-2026-49169 | Windows DNS Server Remote Code Execution Vulnerability | Remote Code Execution | 8.0 | Important | No | No |
| CVE-2026-58647 | Microsoft PowerBI Report Server Spoofing Vulnerability | Spoofing | 8.0 | Important | No | No |
| CVE-2026-40400 | Windows PowerShell Remote Code Execution Vulnerability | Remote Code Execution | 8.0 | Important | No | No |
| CVE-2026-50365 | Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability | Elevation of Privilege | 8.0 | Important | No | No |
| CVE-2026-50502 | Windows Event Logging Service Remote Code Execution Vulnerability | Remote Code Execution | 8.0 | Important | No | No |
| CVE-2026-50683 | Windows DHCP Client Elevation of Privilege Vulnerability | Elevation of Privilege | 8.0 | Important | No | No |
| CVE-2026-42982 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Critical | No | No |
| CVE-2026-47296 | Microsoft SQL Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-49166 | Windows Print Configuration Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-49170 | Windows StateRepository API Server file Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-49176 | Windows WalletService Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-49175 | Windows DNS Client Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-49173 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54987 | Windows Overlay Filter Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50697 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54991 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54986 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54993 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55001 | Active Directory Domain Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54112 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-55004 | Windows Print Configuration Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54109 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-54114 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-55011 | Microsoft Defender Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55012 | Microsoft Defender Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55002 | Microsoft SQL Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50675 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55899 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55948 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-57107 | Windows Admin Center Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-55014 | Windows Remote Help Defense Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58601 | Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege Vulernability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58602 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58609 | Windows Graphics Component Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-58610 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-58618 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-58631 | Windows Admin Center (WAC) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-58635 | Windows Narrator Braille Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58636 | Microsoft PC Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-44800 | Windows Push Notifications Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-48581 | Surface Broker SDMA Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-49783 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass | 7.8 | Important | No | No |
| CVE-2026-49792 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-49793 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-49796 | Windows GDI+ Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-49797 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-49800 | Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50308 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50311 | Windows Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50333 | Windows Spaceport.sys Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50318 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50351 | Windows Audio Compression Manager (ACM) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-49808 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50293 | Windows Internal Task Bar Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50332 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50305 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50329 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50363 | Windows Push Notifications Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50306 | Windows TCP/IP Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50412 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50337 | Windows Notification Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50386 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50400 | Windows App Package Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50309 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50326 | Windows Unified Consent System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50313 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50440 | Windows Audio Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50327 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-50407 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50331 | Windows Application Model Core API Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50343 | Microsoft Install Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50347 | Windows Data.dll Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50321 | Windows USB Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50425 | Windows Internal System User Profile Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50315 | Windows Image Acquisition Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50357 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50335 | Windows Operating Systems Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50361 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50317 | Windows Operating Systems Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50373 | Windows Search Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50353 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50388 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50336 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50433 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50391 | Windows Group Policy Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50423 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50378 | Windows Key Guard Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50346 | Netlogon RPC Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50405 | Windows Filtering Platform Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50448 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50387 | Windows GDI Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50344 | Windows OLE Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50436 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50471 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50469 | Windows Projected File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50454 | Windows User Interface Core Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50427 | Content Delivery Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50422 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50421 | Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50367 | Windows Sensor Data Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50466 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50402 | NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50435 | Windows Overlay Filter Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50441 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50462 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50457 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50399 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50461 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50417 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50362 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50458 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50476 | Windows Network Connections Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50450 | Windows Network Connections Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50478 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50479 | Windows USB Hub Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50480 | Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50484 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50493 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50486 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50488 | Clipboard User Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50499 | Windows Print Spooler Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50494 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50498 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50501 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50509 | Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50510 | GitHub Copilot Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50646 | .NET Framework Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50649 | .NET Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50650 | .NET Framework Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50655 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-50667 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50673 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50676 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50677 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54115 | Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50679 | Windows Search Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50688 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-50689 | Windows Clipboard Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54125 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-47290 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-47642 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50301 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-50314 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-50467 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55017 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55024 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55018 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55022 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55025 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55125 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55031 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55048 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55029 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55039 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55049 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55032 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55033 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55041 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55127 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55136 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55141 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55129 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55036 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55044 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55055 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55037 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55058 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55038 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55132 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55137 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55053 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55131 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55134 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55056 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55140 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55128 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55130 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55043 | Microsoft PowerPoint Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55133 | Microsoft OneNote Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55123 | Microsoft PowerPoint Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-55120 | Microsoft PowerPoint Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-54131 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55947 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-55949 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-56156 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-56176 | Windows Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-56175 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-56182 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-56189 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-50665 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 7.8 | Important | No | No |
| CVE-2026-56643 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-56644 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-54124 | Windows Terminal Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-56650 | Windows Network File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-57091 | Windows File History Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-57088 | Extensible Storage Engine (ESENT) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-57096 | Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-57968 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58527 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58530 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-58538 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58540 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58532 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58537 | Microsoft NAT Helper Components (ipnathlp.dll) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58536 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58542 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2026-58541 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-47305 | Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2026-58613 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58628 | Windows Wireless Network Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58632 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58633 | Desktop Window Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-58634 | Desktop Window Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-55006 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-55009 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2026-57985 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.6 | Important | No | No |
| CVE-2026-49171 | Windows Speech Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2026-50506 | OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-54983 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50695 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50696 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-54119 | Windows Active Directory Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50524 | .NET Framework Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-56170 | ASP.NET Core Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-57984 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-57986 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-57992 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-58276 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-50652 | Azure Active Directory Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50653 | Azure Active Directory Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-40378 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-45646 | OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-49181 | Windows DHCP Client Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2026-49787 | HTTP.sys Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-49788 | HTTP/2 Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50304 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50328 | Windows Server Update Service (WSUS) Tampering Vulnerability | Tampering | 7.5 | Important | No | No |
| CVE-2026-50368 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50330 | Windows Remote Desktop Client Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2026-50355 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50414 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2026-50379 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2026-50463 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 7.5 | Important | No | No |
| CVE-2026-50411 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50424 | Windows Domain Controller Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50470 | Windows Network Policy Server SNMP Information Disclosure Vulnerability | Information Disclosure | 7.5 | Important | No | No |
| CVE-2026-50500 | Windows Netlogon Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2026-50505 | Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-50496 | Windows Network Policy Server SNMP Information Disclosure Vulnerability | Information Disclosure | 7.5 | Important | No | No |
| CVE-2026-50525 | .NET Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50527 | .NET Framework Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50647 | Active Directory Federation Server Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50648 | .NET Framework Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50651 | .NET Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-50685 | Windows DHCP Server Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-56648 | Windows NFS Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2026-57089 | Windows SMB Server Network Transport Driver (srvnet.sys) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-57108 | .NET Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-57975 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-58290 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-58292 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-58294 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-58299 | Microsoft Edge for Android Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2026-58531 | Windows SMB Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2026-58627 | Windows DHCP Server Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-47302 | .NET Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2026-54127 | Windows Hyper-V Elevation of Privilege Vulnerability | Elevation of Privilege | 7.4 | Critical | No | No |
| CVE-2026-57991 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | Information Disclosure | 7.4 | Important | No | No |
| CVE-2026-57993 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 7.4 | Important | No | No |
| CVE-2026-58640 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.3 | Important | No | No |
| CVE-2026-49789 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2026-49790 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2026-50364 | Windows Backup Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2026-50482 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution | 7.3 | Important | No | No |
| CVE-2026-55021 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 7.3 | Important | No | No |
| CVE-2026-55034 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 7.3 | Important | No | No |
| CVE-2026-55126 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 7.3 | Important | No | No |
| CVE-2026-58298 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 7.2 | Important | No | No |
| CVE-2026-49165 | Microsoft Windows App Store Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | No | No |
| CVE-2026-55144 | Windows Cryptography API: Next Generation (CNG) Tampering Vulnerability | Tampering | 7.1 | Important | No | No |
| CVE-2026-56193 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | No | No |
| CVE-2026-57988 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.1 | Important | No | No |
| CVE-2026-49791 | Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.1 | Important | No | No |
| CVE-2026-50354 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.1 | Important | No | No |
| CVE-2026-50428 | Windows Container Isolation FS Filter Driver (unionfs.sys) Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | No | No |
| CVE-2026-50451 | Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.1 | Important | No | No |
| CVE-2026-50465 | Windows DNS Client Tampering Vulnerability | Tampering | 7.1 | Important | No | No |
| CVE-2026-50682 | Active Directory Denial of Service Vulnerability | Denial of Service | 7.1 | Important | No | No |
| CVE-2026-55122 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | No | No |
| CVE-2026-57101 | Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass | 7.1 | Important | No | No |
| CVE-2026-57977 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 7.1 | Important | No | No |
| CVE-2026-58296 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | No | No |
| CVE-2026-58297 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | No | No |
| CVE-2026-58529 | Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability | Information Disclosure | 7.1 | Important | No | No |
| CVE-2026-48572 | Windows App Package Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-48571 | Windows App Package Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-49162 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-49784 | Microsoft Windows App Store Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-54129 | Windows Hyper-V Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-54989 | Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-54111 | Universal Print Management Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-54996 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-58526 | Windows Storage Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-49183 | Windows Clipboard Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-49802 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-49806 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-49805 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-49803 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50323 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50296 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50297 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50325 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50356 | Microsoft Windows App Store Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50384 | Windows Clip Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50372 | Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50392 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Critical | No | No |
| CVE-2026-50393 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50307 | Windows TCP/IP Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50396 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50390 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50452 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50348 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50345 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50322 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50404 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50358 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50410 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50449 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50371 | Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50403 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50397 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50406 | Windows Backup Engine Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50459 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50490 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50491 | Code Integrity DLL (ci.dll) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50503 | Windows Runtime Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50526 | .NET Tampering Vulnerability | Tampering | 7.0 | Important | No | No |
| CVE-2026-50658 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50669 | Windows Telephony Server Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50672 | Windows NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50674 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-50359 | Microsoft XML Core Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-56173 | Windows WebView Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-56183 | Windows MIDI Service Module Elevation of Privileges Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-56187 | Windows MIDI Service Module Elevation of Privileges Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-57093 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-58544 | Windows Management Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-58619 | Windows Sensor Data Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-58629 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-58637 | Windows Client-Side Caching Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2026-49168 | Storage Spaces Direct Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | No | No |
| CVE-2026-54132 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | No | No |
| CVE-2026-50299 | Windows Storage Spaces Direct Remote Code Execution Vulnerability | Remote Code Execution | 6.8 | Important | No | No |
| CVE-2026-50298 | Windows Spaceport.sys Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | No | No |
| CVE-2026-50426 | Windows DNS Server Remote Code Execution Vulnerability | Remote Code Execution | 6.8 | Important | No | No |
| CVE-2026-50492 | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | Remote Code Execution | 6.8 | Important | No | No |
| CVE-2026-50668 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | No | No |
| CVE-2026-58522 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | 6.8 | Important | No | No |
| CVE-2026-58528 | Windows USB Audio Class Driver Information Disclosure Vulnerability | Information Disclosure | 6.8 | Important | No | No |
| CVE-2026-50678 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 6.6 | Important | No | No |
| CVE-2026-49804 | Windows USB Video Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 6.6 | Important | No | No |
| CVE-2026-45489 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 6.5 | Moderate | No | No |
| CVE-2026-47282 | GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-55003 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-54108 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 6.5 | Important | No | No |
| CVE-2026-56185 | Windows Admin Center Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-57976 | Windows Active Directory Domain Services Denial of Service Vulnerability | Denial of Service | 6.5 | Important | No | No |
| CVE-2026-57979 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-57987 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 6.5 | Important | No | No |
| CVE-2026-58279 | Azure CycleCloud Elevation of Privilege Vulnerability | Elevation of Privilege | 6.5 | Important | No | No |
| CVE-2026-56646 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 6.5 | Important | No | No |
| CVE-2026-34348 | Windows Event Logging Service Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-49799 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Denial of Service | 6.5 | Important | No | No |
| CVE-2026-50366 | Windows Active Directory Domain Services Denial of Service Vulnerability | Denial of Service | 6.5 | Important | No | No |
| CVE-2026-50376 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-50445 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-50497 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-50504 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-50659 | .NET Spoofing Vulnerability | Spoofing | 6.5 | Important | No | No |
| CVE-2026-54126 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-55054 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-55051 | Microsoft SharePoint Server Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-50468 | Microsoft SQL Server Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-54116 | Microsoft SQL Server Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-56168 | Windows SMB Server Denial of Service Vulnerability | Denial of Service | 6.5 | Important | No | No |
| CVE-2026-57982 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-58523 | Microsoft Edge for Android Security Feature Bypass Vulnerability | Security Feature Bypass | 6.5 | Important | No | No |
| CVE-2026-58533 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-58535 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-58546 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-58539 | Windows Remote Desktop Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2026-55000 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 6.4 | Important | No | No |
| CVE-2026-57097 | Microsoft XML Security Feature Bypass Vulnerability | Security Feature Bypass | 6.4 | Important | No | No |
| CVE-2026-50375 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 6.3 | Important | No | No |
| CVE-2026-50374 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 6.3 | Important | No | No |
| CVE-2026-57973 | Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability | Tampering | 6.3 | Important | No | No |
| CVE-2026-58543 | Universal Print Management Service Elevation of Privilege Vulnerability | Elevation of Privilege | 6.3 | Important | No | No |
| CVE-2026-55145 | Outlook Copilot Tampering Vulnerability | Tampering | 6.3 | Moderate | No | No |
| CVE-2026-50294 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | No | No |
| CVE-2026-49807 | Windows DirectX Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | No | No |
| CVE-2026-50420 | HTTP.sys Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | No | No |
| CVE-2026-55026 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | No | No |
| CVE-2026-57095 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 6.2 | Important | No | No |
| CVE-2026-58300 | Microsoft Edge for Android Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | No | No |
| CVE-2026-49174 | DNS Client Tampering Vulnerability | Tampering | 6.1 | Important | No | No |
| CVE-2026-54988 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | No | No |
| CVE-2026-50383 | Windows Print Spooler Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | No | No |
| CVE-2026-50453 | Windows USB Audio Class Driver Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | No | No |
| CVE-2026-50495 | DNS Client Tampering Vulnerability | Tampering | 6.1 | Important | No | No |
| CVE-2026-55898 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | No | No |
| CVE-2026-58291 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | Information Disclosure | 6.1 | Important | No | No |
| CVE-2026-58638 | Windows Boot Loader Security Feature Bypass Vulnerability | Security Feature Bypass | 6.0 | Important | No | No |
| CVE-2026-50324 | Windows Active Directory Federation Services Denial of Service Vulnerability | Denial of Service | 5.9 | Important | No | No |
| CVE-2026-56649 | Windows Network File System Remote Code Execution Vulnerability | Remote Code Execution | 5.9 | Important | No | No |
| CVE-2026-34349 | Windows Media Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-34346 | Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-49177 | Windows TCP/IP Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-45496 | Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | No | No |
| CVE-2026-54997 | Windows SMB Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-58614 | Windows Kernel Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | No | No |
| CVE-2026-33842 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-34328 | Windows Audio Service Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-40422 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-41087 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-49180 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-49801 | Windows SMB Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50316 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50295 | Windows Zero Trust DNS Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | No | No |
| CVE-2026-50350 | Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50381 | Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50300 | Windows DWM Core Library Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50303 | Windows Key Guard Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | No | No |
| CVE-2026-50341 | Windows NTFS Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50434 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50339 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50430 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50377 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 5.5 | Important | No | No |
| CVE-2026-50401 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50334 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50352 | Windows Cryptographic Services Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50437 | Windows DWM Core Library Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50455 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50409 | Windows Overlay Filter Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50473 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50442 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50389 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50456 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50431 | Windows Quality of Service (QoS) Packet Scheduler Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50394 | Windows Media Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50475 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50483 | Windows Graphics Component Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50681 | Windows Secure Channel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50690 | Windows SMB Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-48580 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-50408 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55046 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55023 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55027 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55028 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55047 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55050 | Microsoft Word Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55138 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55124 | Microsoft Word Information Disclosure Vulnerability | Remote Code Execution | 5.5 | Important | No | No |
| CVE-2026-55035 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55057 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55142 | Microsoft Word Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55042 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-55139 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-56184 | Win32k Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-56192 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-56195 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-56178 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Elevation of Privilege | 5.5 | Important | No | No |
| CVE-2026-57083 | Windows Media Photo Codec Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-57084 | Windows File Explorer Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-57085 | Windows Print Spooler Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-58547 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Elevation of Privilege | 5.5 | Important | No | No |
| CVE-2026-58545 | Windows Kernel Security Feature Bypass Vulnerability | Security Feature Bypass | 5.5 | Important | No | No |
| CVE-2026-55121 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2026-45488 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 5.4 | Moderate | No | No |
| CVE-2026-58278 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 5.4 | Important | No | No |
| CVE-2026-56157 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 5.4 | Important | No | No |
| CVE-2026-58524 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 5.4 | Important | No | No |
| CVE-2026-44806 | Windows Secure Channel Denial of Service Vulnerability | Denial of Service | 5.3 | Important | No | No |
| CVE-2026-50432 | Window Virtual Filtering Platform (VFP) Denial of Service Vulnerability | Denial of Service | 5.3 | Important | No | No |
| CVE-2026-50415 | Windows Media Information Disclosure Vulnerability | Information Disclosure | 5.3 | Important | No | No |
| CVE-2026-50418 | Windows System Secure Feature Bypass Vulnerability | Security Feature Bypass | 5.1 | Important | No | No |
| CVE-2026-26145 | Microsoft Azure Synapse Elevation of Privilege Vulnerability | Elevation of Privilege | 4.8 | Critical | No | No |
| CVE-2026-50684 | Active Directory Federation Server Spoofing Vulnerability | Spoofing | 4.8 | Important | No | No |
| CVE-2026-49167 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 4.7 | Important | No | No |
| CVE-2026-50310 | Windows Human Interface Device Information Disclosure Vulnerability | Information Disclosure | 4.7 | Important | No | No |
| CVE-2026-50312 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege | 4.7 | Important | No | No |
| CVE-2026-50657 | Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability | Information Disclosure | 4.7 | Important | No | No |
| CVE-2026-49794 | Windows USB Audio Class Driver Information Disclosure Vulnerability | Information Disclosure | 4.6 | Important | No | No |
| CVE-2026-55016 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | No | No |
| CVE-2026-55019 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | No | No |
| CVE-2026-55020 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | No | No |
| CVE-2026-55030 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | No | No |
| CVE-2026-55135 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing | 4.6 | Important | No | No |
| CVE-2026-50485 | Windows Hyper-V Denial of Service Vulnerability | Denial of Service | 4.5 | Important | No | No |
| CVE-2026-58597 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Spoofing | 4.3 | Low | No | No |
| CVE-2026-55945 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | Information Disclosure | 4.2 | Moderate | No | No |
| CVE-2026-50302 | Windows Cryptographic Services Security Feature Bypass Vulnerability | Security Feature Bypass | 4.2 | Important | No | No |
| CVE-2026-50419 | Windows Kernel Information Disclosure Vulnerability | Information Disclosure | 3.3 | Important | No | No |
| CVE-2026-50416 | Win32k Information Disclosure Vulnerability | Information Disclosure | 3.3 | Important | No | No |
Retrospective Vulnerability Analysis
CVE-2026-26114 - Microsoft SharePoint Server Remote Code Execution Vulnerability (Remote Code Execution). An untrusted data deserialization vulnerability that allows an authorized attacker with minimal site member privileges to execute arbitrary code on the server. The published PoC demonstrates a full-chain exploit: using a SQL injection in the Taxonomy component to inject a specially crafted object into a system table, which is then automatically deserialized by the background SharePoint service (OWSTIMER). This vulnerability was patched in March 2026.
CVE-2026-33829 - Windows Snipping Tool Spoofing Vulnerability (Spoofing). A vulnerability in the Snipping Tool application that allows the disclosure of users' Net-NTLM hashes. The issue stems from insufficient input validation in the registered ms-screensketch URI scheme handler. An attacker can trick a victim into clicking a specially crafted link where the filePath parameter points to an external SMB resource. Upon navigating and confirming the application launch, the system automatically attempts to load the file over the network, transmitting the user's NTLM hash to the attacker's server. A detailed analysis of this vulnerability has been published on GitHub. It was patched in April 2026.
CVE-2026-47291 — HTTP.sys Remote Code Execution Vulnerability (Remote Code Execution). This vulnerability is an integer overflow leading to a heap buffer overflow in the Windows kernel when processing HTTP requests via the HTTP.sys driver. The issue occurs due to incorrect type casting when incrementing the header limit counter, resulting in the allocation of a buffer of insufficient size for the new array. An unauthenticated attacker can send a specially crafted HTTP or HTTP/2 request with a large number of headers, which causes kernel memory overwrite during data copying and allows remote code execution with system privileges. A PoC demonstrating the counter overflow mechanism when sending a high number of headers is available on GitHub. This vulnerability was patched in June 2026.
CVE-2026-45504 — Microsoft Exchange Server Elevation of Privilege Vulnerability (Elevation of Privilege). A Server-Side Request Forgery (SSRF) vulnerability associated with improper path validation when handling Reference Attachments. An authorized attacker with a low level of privileges and an active mailbox can create a message containing a link to an external, controlled resource that returns an XML response with a local path (such as pointing to system files) when accessed. When the attachment preview function (GetAttachmentPreview) is invoked in OWA, the Exchange server processes this path and returns the contents of the local file to the user, bypassing access restrictions and elevating privileges in the system. A PoC demonstrating this vulnerability is available on GitHub. This vulnerability was patched in June 2026.
CVE-2026-42980 — Windows NT OS Kernel Elevation of Privilege Vulnerability (Elevation of Privilege). This vulnerability is associated with an integer underflow in the Windows kernel WMI subsystem (ntoskrnl.exe) when calling the WmipQueryAllDataMultiple (IOCTL 0x22812C) and WmipQuerySingleMultiple (IOCTL 0x228130) functions. Due to incorrect subtraction of the data size from the unsigned 32-bit counter of the remaining buffer, the length variable takes on a critically large value. This allows a local user to trigger a kernel heap buffer overflow, overwrite adjacent named pipe structures (NP_DATA_QUEUE_ENTRY), and elevate privileges to SYSTEM. A detailed technical description and PoC for this vulnerability are available on GitHub. This vulnerability was patched in June 2026.
Conclusion
The July update release represents an unprecedented challenge for any organization's IT infrastructure. Processing 622 vulnerabilities within a standard testing cycle is practically impossible, making prioritization critical.
Recommended action plan for July:
- Urgent patching of Zero-Day vulnerabilities:
- Immediately update AD FS (CVE-2026-56155) authentication servers to prevent account compromise.
- Install patches on SharePoint (CVE-2026-56164) servers and configure AMSI integration to inspect incoming web traffic.
- Protection of cloud systems and virtualization: Update Hyper-V hypervisors (to close the flaw in VMSwitch) and synchronize security policies for Entra and Azure OpenAI cloud platforms.
- Protection of network services (RCE): Apply updates to critical server roles, specifically DHCP servers and SQL Server databases.
- Mobile devices: Install cumulative updates on corporate laptops to address the publicly disclosed BitLocker (CVE-2026-50661) vulnerability.
Focus on retrospective analysis: The situation is complicated by the fact that detailed breakdowns and PoC exploits for critical vulnerabilities from June and earlier spring have appeared in the public domain (including GitHub) over the past month. These include: a highly dangerous RCE in HTTP.sys (CVE-2026-47291), an SSRF in Exchange Server (CVE-2026-45504), and logical authentication bypasses in SMB (CVE-2026-24294). If you have not addressed these flaws previously, your network is at significant risk right now, even before analyzing the massive July update package. Clearing patch technical debt from previous months should be performed in parallel with addressing July's Zero-Day vulnerabilities.