Microsoft Patch Tuesday Analysis – July 2026

Executive Summary

On Tuesday, July 14, 2026, Microsoft released its monthly security update, addressing 622 vulnerabilities across its products.

By Severity:

  • Critical - 62;
  • Moderate - 6;
  • Important - 553;
  • Low - 1.

Exploited (Zero-Days) and Publicly Disclosed Vulnerabilities

Particular attention should be paid to the following 3 vulnerabilities. Addressing them is the highest priority:

  • CVE-2026-56155 (CVSS 7.8; Important) - Active Directory Federation Services Elevation of Privilege Vulnerability (Elevation of Privilege). This vulnerability is caused by insufficient access control granularity (CWE-1220) in Active Directory Federation Services (AD FS). An authorized, low-privileged attacker can exploit this flaw to locally bypass access restrictions and elevate their privileges to administrator level.
  • CVE-2026-56164 (CVSS 5.3; Moderate) - Microsoft SharePoint Server Elevation of Privilege Vulnerability (Elevation of Privilege). This vulnerability is caused by a missing authentication for a critical function (CWE-306) in Microsoft SharePoint Server. A remote, unauthorized attacker can exploit this flaw over the network with low complexity and without any user interaction, allowing them to elevate privileges in the system. To protect against and detect potential attacks, it is recommended to enable AMSI (Antimalware Scan Interface) integration and configure full scanning of POST request bodies for IIS worker processes.
  • CVE-2026-50661 (CVSS 6.1; Important) - Windows BitLocker Security Feature Bypass Vulnerability (Security Feature Bypass). This vulnerability is related to a protection mechanism failure in Windows BitLocker (CWE-693). An attacker with direct physical access to the target device can exploit this vulnerability to bypass the BitLocker Device Encryption feature, allowing unauthorized access to protected and encrypted data on the system drive.

General Trends

The July 2026 Patch Tuesday was an unprecedented event in the history of Microsoft updates. The company released patches for a record-breaking 622 vulnerabilities, 62 of which are rated "Critical." This massive volume—effectively replacing three to four standard monthly updates—places an extreme workload on system administration and cybersecurity teams. Key trends of this large-scale release include:

  • Releasing over 600 patches at once indicates either the discovery of a major systemic issue in Windows base libraries or the accumulation of findings from long-term security audits. In either case, organizations are required to adjust their patch prioritization strategies.
  • Active attacks on identity and collaboration services: Special attention must be paid to two vulnerabilities that are already actively exploited by attackers (Zero-Days). The first is CVE-2026-56155 in AD FS (Active Directory Federation Services). Compromising a Single Sign-On (SSO) entry point allows attackers to gain access to dozens of linked enterprise services. The second is another flaw in SharePoint Server (CVE-2026-56164), which requires not only a patch but also deep configuration of POST request scanning via AMSI for adequate protection.
  • Impact on cloud AI platforms and virtualization: Microsoft addressed critical elevation of privilege vulnerabilities (CVSS 9.9) in Azure OpenAI (CVE-2026-45499) and the Microsoft Entra directory service (CVE-2026-57100). A dangerous flaw was also fixed in the VMSwitch virtual switch (CVE-2026-57092), which could potentially allow a virtual machine escape to the host system (Hyper-V escape).
  • Infrastructure RCE threats: The network services sector remains highly vulnerable. Critical RCE bugs (CVSS 9.8) were fixed in the DHCP Server, FTP Service, the Windows Server network card driver, as well as in SQL Server and RDP.
  • Physical security questioned: The publicly disclosed BitLocker bypass vulnerability (CVE-2026-50661) continues a series of spring and summer disclosures concerning methods to bypass disk encryption. This is critical for protecting information on employees' mobile devices in the event of loss.

Full List of Vulnerabilities

Below is a table listing all the vulnerabilities addressed this month.

CVETitleTypeCVSSSeverityExploitedPublicly Disclosed
CVE-2026-56155Active Directory Federation Services Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantYesNo
CVE-2026-50661Windows BitLocker Security Feature Bypass VulnerabilitySecurity Feature Bypass6.1ImportantNoYes
CVE-2026-56164Microsoft SharePoint Server Elevation of Privilege VulnerabilityElevation of Privilege5.3ModerateYesNo
CVE-2026-45499Azure OpenAI Elevation of Privilege VulnerabilityElevation of Privilege9.9CriticalNoNo
CVE-2026-57100Microsoft Entra Provisioning Service Elevation of Privilege VulnerabilityElevation of Privilege9.9CriticalNoNo
CVE-2026-57092Microsoft Windows VMSwitch Elevation of Privilege VulnerabilityElevation of Privilege9.9CriticalNoNo
CVE-2026-42990SQL Server ODBC driver Elevation of Privilege VulnerabilityRemote Code Execution9.8ImportantNoNo
CVE-2026-49172Windows FTP Service Remote Code Execution VulnerabilityRemote Code Execution9.8ImportantNoNo
CVE-2026-54990Remote Desktop Client Remote Code Execution VulnerabilityRemote Code Execution9.8ImportantNoNo
CVE-2026-50522Microsoft SharePoint Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalNoNo
CVE-2026-58644Microsoft SharePoint Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalNoNo
CVE-2026-50447Windows Message Queuing Service (MSMQ) Remote Code Execution VulnerabilityRemote Code Execution9.8ImportantNoNo
CVE-2026-50518Windows DHCP Server Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalNoNo
CVE-2026-55010Minecraft Bedrock Dedicated Server Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalNoNo
CVE-2026-55944Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalNoNo
CVE-2026-56159DHCP Server Service Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalNoNo
CVE-2026-56190Remote Desktop Protocol Remote Code Execution VulnerabilityRemote Code Execution9.8ImportantNoNo
CVE-2026-56188Windows Server Network driver Remote Code Execution VulnerabilityRemote Code Execution9.8CriticalNoNo
CVE-2026-48561Microsoft Copilot Remote Code Execution VulnerabilityRemote Code Execution9.6CriticalNoNo
CVE-2026-50380Windows GDI+ Remote Code Execution VulnerabilityRemote Code Execution9.6CriticalNoNo
CVE-2026-55008Microsoft Exchange Server Spoofing VulnerabilitySpoofing9.6CriticalNoNo
CVE-2026-41106Microsoft 365 Copilot Elevation of Privilege VulnerabilityElevation of Privilege9.3CriticalNoNo
CVE-2026-49798Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege9.3ImportantNoNo
CVE-2026-55040Microsoft SharePoint Server Security Feature Bypass VulnerabilitySecurity Feature Bypass9.1CriticalNoNo
CVE-2026-58289Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution9.0ImportantNoNo
CVE-2026-54998Microsoft Exchange Online Elevation of Privilege VulnerabilityElevation of Privilege8.8CriticalNoNo
CVE-2026-47303ASP.NET Core Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50663Game: Age of Empires II: Definitive Edition Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-54107Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-54982Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-54999Windows TCP/IP Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-54117Microsoft SQL Server Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-54118Microsoft SQL Server Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-57969Azure CycleCloud Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-57981Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-56645Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-58608Windows Print Spooler Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-47632Azure Monitor Agent Metrics Extension Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-48564DHCP Server Service Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-49178Windows Active Directory Domain Services Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-49795Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50342Windows MIDI Service Module Elevation of Privileges VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50360Windows SMB Server Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50370DHCP Server Service Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-50398Windows Media Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50382DirectX Graphics Kernel Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-50369Windows Remote Desktop Services Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50385Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50413Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50438Microsoft PC Manager Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50474Remote Desktop Client Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-50444Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityElevation of Privilege8.8CriticalNoNo
CVE-2026-50477Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50489Win32k Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-47295Microsoft SQL Server Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50666Windows Remote Access Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50670Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-54121Active Directory Certificate Services Elevation of Privilege VulnerabilityElevation of Privilege8.8CriticalNoNo
CVE-2026-50687Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-50692Desktop Window Manager Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-55052Microsoft SharePoint Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-41109GitHub Copilot and Visual Studio Code Security Feature Bypass VulnerabilitySecurity Feature Bypass8.8ImportantNoNo
CVE-2026-56196Windows Admin Center (WAC) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-56197Windows Admin Center (WAC) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-56642Microsoft Fabric Data Warehouse Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-56194Windows NFS Server Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-56647Windows Remote Access Service Infrastructure Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-57090Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-57094Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-57087Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution8.8CriticalNoNo
CVE-2026-57102Visual Studio Code Security Feature Bypass VulnerabilitySecurity Feature Bypass8.8ImportantNoNo
CVE-2026-57974Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-58277Microsoft SharePoint Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-58534Windows Input Method Editor (IME) Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-58594Remote Desktop Client Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-58626Windows Remote Desktop Services Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-55005Microsoft Exchange Server Remote Code Execution VulnerabilityRemote Code Execution8.8ImportantNoNo
CVE-2026-47300ASP.NET Core Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-47301Configuration Manager Elevation of Privilege VulnerabilityElevation of Privilege8.8ImportantNoNo
CVE-2026-57983Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilitySecurity Feature Bypass8.7ImportantNoNo
CVE-2026-50340Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege8.5ImportantNoNo
CVE-2026-54992Microsoft Message Queuing Queue Manager Remote Code Execution VulnerabilityRemote Code Execution8.4CriticalNoNo
CVE-2026-54122Windows GDI+ Remote Code Execution VulnerabilityRemote Code Execution8.4ImportantNoNo
CVE-2026-50520Visual Studio Code Remote Code Execution VulnerabilityRemote Code Execution8.4ImportantNoNo
CVE-2026-49184Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution8.4ImportantNoNo
CVE-2026-54128Windows DHCP Client Remote Code Execution VulnerabilityRemote Code Execution8.4CriticalNoNo
CVE-2026-55045Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution8.4CriticalNoNo
CVE-2026-58281Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantNoNo
CVE-2026-58284Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantNoNo
CVE-2026-58285Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantNoNo
CVE-2026-58287Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantNoNo
CVE-2026-58288Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.3ImportantNoNo
CVE-2026-58295Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilitySecurity Feature Bypass8.3ImportantNoNo
CVE-2026-58596Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityElevation of Privilege8.3ImportantNoNo
CVE-2026-56181Windows Network Address Translation (NAT) Spoofing VulnerabilitySpoofing8.3ModerateNoNo
CVE-2026-50338Azure Spring Apps Elevation of Privilege VulnerabilityElevation of Privilege8.2ImportantNoNo
CVE-2026-50429Windows Kernel Information Disclosure VulnerabilityInformation Disclosure8.2ImportantNoNo
CVE-2026-50528.NET Security Feature Bypass VulnerabilitySecurity Feature Bypass8.2ImportantNoNo
CVE-2026-50680Windows Hyper-V Elevation of Privilege VulnerabilityElevation of Privilege8.2CriticalNoNo
CVE-2026-58525Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilitySecurity Feature Bypass8.2ImportantNoNo
CVE-2026-42900Microsoft Windows App Store Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantNoNo
CVE-2026-49164Windows Active Directory Domain Services Remote Code Execution VulnerabilityRemote Code Execution8.1CriticalNoNo
CVE-2026-54995Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution VulnerabilityRemote Code Execution8.1CriticalNoNo
CVE-2026-56169Windows Admin Center Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantNoNo
CVE-2026-50694Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution VulnerabilityRemote Code Execution8.1CriticalNoNo
CVE-2026-58595Microsoft Bing App for IOS Spoofing VulnerabilitySpoofing8.1ImportantNoNo
CVE-2026-47304.NET Security Feature Bypass VulnerabilitySecurity Feature Bypass8.1ImportantNoNo
CVE-2026-50460Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantNoNo
CVE-2026-50439Microsoft Message Queuing Queue Manager Remote Code Execution VulnerabilityRemote Code Execution8.1ImportantNoNo
CVE-2026-50487Windows DNS Client Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantNoNo
CVE-2026-50686Windows OLE Remote Code Execution VulnerabilityRemote Code Execution8.1ImportantNoNo
CVE-2026-56186Windows Secure Channel Information Disclosure VulnerabilityInformation Disclosure8.1ImportantNoNo
CVE-2026-58282Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing8.1ImportantNoNo
CVE-2026-58283Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing8.1ImportantNoNo
CVE-2026-58286Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing8.1ImportantNoNo
CVE-2026-58293Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution8.1ImportantNoNo
CVE-2026-58617M365 Copilot for iOS Elevation of Privilege VulnerabilityElevation of Privilege8.1ImportantNoNo
CVE-2026-42975Windows Bluetooth Port Driver Remote Code ExecutionRemote Code Execution8.0ImportantNoNo
CVE-2026-49169Windows DNS Server Remote Code Execution VulnerabilityRemote Code Execution8.0ImportantNoNo
CVE-2026-58647Microsoft PowerBI Report Server Spoofing VulnerabilitySpoofing8.0ImportantNoNo
CVE-2026-40400Windows PowerShell Remote Code Execution VulnerabilityRemote Code Execution8.0ImportantNoNo
CVE-2026-50365Remote Access Management service/API (RPC server) Elevation of Privilege VulnerabilityElevation of Privilege8.0ImportantNoNo
CVE-2026-50502Windows Event Logging Service Remote Code Execution VulnerabilityRemote Code Execution8.0ImportantNoNo
CVE-2026-50683Windows DHCP Client Elevation of Privilege VulnerabilityElevation of Privilege8.0ImportantNoNo
CVE-2026-42982Windows Secure Kernel Mode Elevation of Privilege VulnerabilityElevation of Privilege7.8CriticalNoNo
CVE-2026-47296Microsoft SQL Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-49166Windows Print Configuration Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-49170Windows StateRepository API Server file Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-49176Windows WalletService Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-49175Windows DNS Client Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-49173Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54987Windows Overlay Filter Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50697Windows Common Log File System Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54991Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54986Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54993Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55001Active Directory Domain Services Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54112Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-55004Windows Print Configuration Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54109Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-54114Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-55011Microsoft Defender Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55012Microsoft Defender Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55002Microsoft SQL Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50675Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55899Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55948Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-57107Windows Admin Center Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-55014Windows Remote Help Defense Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58601Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege VulernabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58602Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58609Windows Graphics Component Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-58610Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-58618Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-58631Windows Admin Center (WAC) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-58635Windows Narrator Braille Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58636Microsoft PC Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-44800Windows Push Notifications Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-48581Surface Broker SDMA Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-49783Secure Boot Security Feature Bypass VulnerabilitySecurity Feature Bypass7.8ImportantNoNo
CVE-2026-49792Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-49793Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-49796Windows GDI+ Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-49797Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-49800Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50308Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50311Windows Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50333Windows Spaceport.sys Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50318Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50351Windows Audio Compression Manager (ACM) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-49808Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50293Windows Internal Task Bar Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50332Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50305Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50329Microsoft DWM Core Library Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50363Windows Push Notifications Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50306Windows TCP/IP Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50412Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50337Windows Notification Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50386Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50400Windows App Package Installer Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50309Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50326Windows Unified Consent System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50313Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50440Windows Audio Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50327Windows Media Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-50407Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50331Windows Application Model Core API Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50343Microsoft Install Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50347Windows Data.dll Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50321Windows USB Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50425Windows Internal System User Profile Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50315Windows Image Acquisition Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50357Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50335Windows Operating Systems Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50361Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50317Windows Operating Systems Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50373Windows Search Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50353DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50388Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50336Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50433Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50391Windows Group Policy Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50423Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50378Windows Key Guard Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50346Netlogon RPC Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50405Windows Filtering Platform Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50448Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50387Windows GDI Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50344Windows OLE Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50436Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50471Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50469Windows Projected File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50454Windows User Interface Core Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50427Content Delivery Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50422Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50421Windows Connected User Experiences and Telemetry Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50367Windows Sensor Data Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50466Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50402NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50435Windows Overlay Filter Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50441Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50462Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50457Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50399Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50461Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50417Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50362Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50458Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50476Windows Network Connections Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50450Windows Network Connections Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50478Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50479Windows USB Hub Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50480Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50484Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50493DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50486Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50488Clipboard User Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50499Windows Print Spooler Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50494Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50498Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50501Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50509Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50510GitHub Copilot Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50646.NET Framework Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50649.NET Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50650.NET Framework Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50655Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-50667Windows Common Log File System Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50673Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50676Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50677Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54115Windows Message Queuing (MSMQ) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50679Windows Search Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50688Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-50689Windows Clipboard Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54125Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-47290Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-47642Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50301Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-50314Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-50467Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55017Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55024Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55018Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55022Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55025Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55125Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55031Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55048Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55029Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55039Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55049Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55032Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55033Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55041Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55127Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55136Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55141Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55129Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55036Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55044Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55055Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55037Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55058Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55038Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55132Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55137Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55053Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55131Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55134Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55056Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55140Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55128Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55130Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55043Microsoft PowerPoint Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55133Microsoft OneNote Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55123Microsoft PowerPoint Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-55120Microsoft PowerPoint Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-54131Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55947Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-55949Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-56156Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-56176Windows Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-56175Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-56182Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-56189Microsoft Windows Media Foundation Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-50665Microsoft Office Information Disclosure VulnerabilityInformation Disclosure7.8ImportantNoNo
CVE-2026-56643DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-56644DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-54124Windows Terminal Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-56650Windows Network File System Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-57091Windows File History Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-57088Extensible Storage Engine (ESENT) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-57096Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-57968Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58527Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58530Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-58538Windows Bluetooth Service Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58540Windows Installer Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58532Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58537Microsoft NAT Helper Components (ipnathlp.dll) Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58536Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58542Windows Media Remote Code Execution VulnerabilityRemote Code Execution7.8CriticalNoNo
CVE-2026-58541Microsoft DWM Core Library Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-47305Visual Studio Remote Code Execution VulnerabilityRemote Code Execution7.8ImportantNoNo
CVE-2026-58613Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58628Windows Wireless Network Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58632Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58633Desktop Window Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-58634Desktop Window Manager Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-55006Microsoft Exchange Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-55009Microsoft Exchange Server Elevation of Privilege VulnerabilityElevation of Privilege7.8ImportantNoNo
CVE-2026-57985Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.6ImportantNoNo
CVE-2026-49171Windows Speech Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantNoNo
CVE-2026-50506OData for ASP.NET and ASP.NET Core Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-54983Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50695Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50696Internet Key Exchange (IKE) Protocol Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-54119Windows Active Directory Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50524.NET Framework Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-56170ASP.NET Core Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-57984Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-57986Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-57992Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-58276Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-50652Azure Active Directory Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50653Azure Active Directory Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-40378Windows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-45646OData for ASP.NET and ASP.NET Core Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-49181Windows DHCP Client Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantNoNo
CVE-2026-49787HTTP.sys Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-49788HTTP/2 Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50304Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50328Windows Server Update Service (WSUS) Tampering VulnerabilityTampering7.5ImportantNoNo
CVE-2026-50368Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50330Windows Remote Desktop Client Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantNoNo
CVE-2026-50355Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50414Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantNoNo
CVE-2026-50379Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantNoNo
CVE-2026-50463Windows Kernel Information Disclosure VulnerabilityInformation Disclosure7.5ImportantNoNo
CVE-2026-50411Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50424Windows Domain Controller Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50470Windows Network Policy Server SNMP Information Disclosure VulnerabilityInformation Disclosure7.5ImportantNoNo
CVE-2026-50500Windows Netlogon Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantNoNo
CVE-2026-50505Windows Message Queuing Service (MSMQ) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-50496Windows Network Policy Server SNMP Information Disclosure VulnerabilityInformation Disclosure7.5ImportantNoNo
CVE-2026-50525.NET Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50527.NET Framework Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50647Active Directory Federation Server Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50648.NET Framework Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50651.NET Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-50685Windows DHCP Server Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-56648Windows NFS Server Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantNoNo
CVE-2026-57089Windows SMB Server Network Transport Driver (srvnet.sys) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-57108.NET Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-57975Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-58290Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-58292Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-58294Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-58299Microsoft Edge for Android Remote Code Execution VulnerabilityRemote Code Execution7.5ImportantNoNo
CVE-2026-58531Windows SMB Elevation of Privilege VulnerabilityElevation of Privilege7.5ImportantNoNo
CVE-2026-58627Windows DHCP Server Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-47302.NET Denial of Service VulnerabilityDenial of Service7.5ImportantNoNo
CVE-2026-54127Windows Hyper-V Elevation of Privilege VulnerabilityElevation of Privilege7.4CriticalNoNo
CVE-2026-57991Microsoft Edge (Chromium-based) Information Disclosure VulnerabilityInformation Disclosure7.4ImportantNoNo
CVE-2026-57993Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing7.4ImportantNoNo
CVE-2026-58640Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.3ImportantNoNo
CVE-2026-49789Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.3ImportantNoNo
CVE-2026-49790Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege VulnerabilityElevation of Privilege7.3ImportantNoNo
CVE-2026-50364Windows Backup Service Elevation of Privilege VulnerabilityElevation of Privilege7.3ImportantNoNo
CVE-2026-50482Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution7.3ImportantNoNo
CVE-2026-55021Microsoft SharePoint Server Spoofing VulnerabilitySpoofing7.3ImportantNoNo
CVE-2026-55034Microsoft SharePoint Server Spoofing VulnerabilitySpoofing7.3ImportantNoNo
CVE-2026-55126Microsoft SharePoint Server Spoofing VulnerabilitySpoofing7.3ImportantNoNo
CVE-2026-58298Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing7.2ImportantNoNo
CVE-2026-49165Microsoft Windows App Store Information Disclosure VulnerabilityInformation Disclosure7.1ImportantNoNo
CVE-2026-55144Windows Cryptography API: Next Generation (CNG) Tampering VulnerabilityTampering7.1ImportantNoNo
CVE-2026-56193Microsoft Office Information Disclosure VulnerabilityInformation Disclosure7.1ImportantNoNo
CVE-2026-57988Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityRemote Code Execution7.1ImportantNoNo
CVE-2026-49791Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityElevation of Privilege7.1ImportantNoNo
CVE-2026-50354Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.1ImportantNoNo
CVE-2026-50428Windows Container Isolation FS Filter Driver (unionfs.sys) Information Disclosure VulnerabilityInformation Disclosure7.1ImportantNoNo
CVE-2026-50451Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityElevation of Privilege7.1ImportantNoNo
CVE-2026-50465Windows DNS Client Tampering VulnerabilityTampering7.1ImportantNoNo
CVE-2026-50682Active Directory Denial of Service VulnerabilityDenial of Service7.1ImportantNoNo
CVE-2026-55122Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure7.1ImportantNoNo
CVE-2026-57101Visual Studio Code Security Feature Bypass VulnerabilitySecurity Feature Bypass7.1ImportantNoNo
CVE-2026-57977Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing7.1ImportantNoNo
CVE-2026-58296Microsoft Edge for Android Information Disclosure VulnerabilityInformation Disclosure7.1ImportantNoNo
CVE-2026-58297Microsoft Edge for Android Information Disclosure VulnerabilityInformation Disclosure7.1ImportantNoNo
CVE-2026-58529Windows Active Directory Federation Services (ADFS) Information Disclosure VulnerabilityInformation Disclosure7.1ImportantNoNo
CVE-2026-48572Windows App Package Installer Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-48571Windows App Package Installer Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-49162Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-49784Microsoft Windows App Store Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-54129Windows Hyper-V Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-54989Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-54111Universal Print Management Service Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-54996Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-58526Windows Storage Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-49183Windows Clipboard Server Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-49802Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-49806Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-49805Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-49803Windows AppX Deployment Extensions Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50323Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50296DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50297Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50325Win32k Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50356Microsoft Windows App Store Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50384Windows Clip Service Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50372Windows Redirected Drive Buffering System Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50392Windows Secure Kernel Mode Elevation of Privilege VulnerabilityElevation of Privilege7.0CriticalNoNo
CVE-2026-50393Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50307Windows TCP/IP Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50396Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50390Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50452Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50348Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50345Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50322Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50404Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50358Windows Media Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50410Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50449Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50371Windows LUA File Virtualization Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50403Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50397Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50406Windows Backup Engine Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50459Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50490Windows Installer Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50491Code Integrity DLL (ci.dll) Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50503Windows Runtime Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50526.NET Tampering VulnerabilityTampering7.0ImportantNoNo
CVE-2026-50658Microsoft Defender for Endpoint for Mac Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50669Windows Telephony Server Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50672Windows NTFS Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50674Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-50359Microsoft XML Core Services Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-56173Windows WebView Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-56183Windows MIDI Service Module Elevation of Privileges VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-56187Windows MIDI Service Module Elevation of Privileges VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-57093Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-58544Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-58619Windows Sensor Data Service Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-58629DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-58637Windows Client-Side Caching Elevation of Privilege VulnerabilityElevation of Privilege7.0ImportantNoNo
CVE-2026-49168Storage Spaces Direct Elevation of Privilege VulnerabilityElevation of Privilege6.8ImportantNoNo
CVE-2026-54132Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege6.8ImportantNoNo
CVE-2026-50299Windows Storage Spaces Direct Remote Code Execution VulnerabilityRemote Code Execution6.8ImportantNoNo
CVE-2026-50298Windows Spaceport.sys Elevation of Privilege VulnerabilityElevation of Privilege6.8ImportantNoNo
CVE-2026-50426Windows DNS Server Remote Code Execution VulnerabilityRemote Code Execution6.8ImportantNoNo
CVE-2026-50492Windows Resilient File System (ReFS) Remote Code Execution VulnerabilityRemote Code Execution6.8ImportantNoNo
CVE-2026-50668Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityElevation of Privilege6.8ImportantNoNo
CVE-2026-58522Microsoft Edge for Android Information Disclosure VulnerabilityInformation Disclosure6.8ImportantNoNo
CVE-2026-58528Windows USB Audio Class Driver Information Disclosure VulnerabilityInformation Disclosure6.8ImportantNoNo
CVE-2026-50678Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure6.6ImportantNoNo
CVE-2026-49804Windows USB Video Driver Elevation of Privilege VulnerabilityElevation of Privilege6.6ImportantNoNo
CVE-2026-45489Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing6.5ModerateNoNo
CVE-2026-47282GitHub Copilot and Visual Studio Code Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-55003Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-54108Microsoft SharePoint Server Spoofing VulnerabilitySpoofing6.5ImportantNoNo
CVE-2026-56185Windows Admin Center Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-57976Windows Active Directory Domain Services Denial of Service VulnerabilityDenial of Service6.5ImportantNoNo
CVE-2026-57979Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-57987Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing6.5ImportantNoNo
CVE-2026-58279Azure CycleCloud Elevation of Privilege VulnerabilityElevation of Privilege6.5ImportantNoNo
CVE-2026-56646Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing6.5ImportantNoNo
CVE-2026-34348Windows Event Logging Service Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-49799Windows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityDenial of Service6.5ImportantNoNo
CVE-2026-50366Windows Active Directory Domain Services Denial of Service VulnerabilityDenial of Service6.5ImportantNoNo
CVE-2026-50376Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-50445Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-50497Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-50504Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-50659.NET Spoofing VulnerabilitySpoofing6.5ImportantNoNo
CVE-2026-54126Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-55054Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-55051Microsoft SharePoint Server Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-50468Microsoft SQL Server Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-54116Microsoft SQL Server Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-56168Windows SMB Server Denial of Service VulnerabilityDenial of Service6.5ImportantNoNo
CVE-2026-57982Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-58523Microsoft Edge for Android Security Feature Bypass VulnerabilitySecurity Feature Bypass6.5ImportantNoNo
CVE-2026-58533Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-58535Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-58546Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-58539Windows Remote Desktop Client Information Disclosure VulnerabilityInformation Disclosure6.5ImportantNoNo
CVE-2026-55000Windows USB Print Driver Elevation of Privilege VulnerabilityElevation of Privilege6.4ImportantNoNo
CVE-2026-57097Microsoft XML Security Feature Bypass VulnerabilitySecurity Feature Bypass6.4ImportantNoNo
CVE-2026-50375DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege6.3ImportantNoNo
CVE-2026-50374Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege6.3ImportantNoNo
CVE-2026-57973Windows Subsystem for Linux (WSL2) Kernel Tampering VulnerabilityTampering6.3ImportantNoNo
CVE-2026-58543Universal Print Management Service Elevation of Privilege VulnerabilityElevation of Privilege6.3ImportantNoNo
CVE-2026-55145Outlook Copilot Tampering VulnerabilityTampering6.3ModerateNoNo
CVE-2026-50294Windows Kernel Information Disclosure VulnerabilityInformation Disclosure6.2ImportantNoNo
CVE-2026-49807Windows DirectX Information Disclosure VulnerabilityInformation Disclosure6.2ImportantNoNo
CVE-2026-50420HTTP.sys Information Disclosure VulnerabilityInformation Disclosure6.2ImportantNoNo
CVE-2026-55026Microsoft Office Information Disclosure VulnerabilityInformation Disclosure6.2ImportantNoNo
CVE-2026-57095Win32k Elevation of Privilege VulnerabilityElevation of Privilege6.2ImportantNoNo
CVE-2026-58300Microsoft Edge for Android Information Disclosure VulnerabilityInformation Disclosure6.2ImportantNoNo
CVE-2026-49174DNS Client Tampering VulnerabilityTampering6.1ImportantNoNo
CVE-2026-54988Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure6.1ImportantNoNo
CVE-2026-50383Windows Print Spooler Information Disclosure VulnerabilityInformation Disclosure6.1ImportantNoNo
CVE-2026-50453Windows USB Audio Class Driver Information Disclosure VulnerabilityInformation Disclosure6.1ImportantNoNo
CVE-2026-50495DNS Client Tampering VulnerabilityTampering6.1ImportantNoNo
CVE-2026-55898Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure6.1ImportantNoNo
CVE-2026-58291Microsoft Edge (Chromium-based) Information Disclosure VulnerabilityInformation Disclosure6.1ImportantNoNo
CVE-2026-58638Windows Boot Loader Security Feature Bypass VulnerabilitySecurity Feature Bypass6.0ImportantNoNo
CVE-2026-50324Windows Active Directory Federation Services Denial of Service VulnerabilityDenial of Service5.9ImportantNoNo
CVE-2026-56649Windows Network File System Remote Code Execution VulnerabilityRemote Code Execution5.9ImportantNoNo
CVE-2026-34349Windows Media Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-34346Windows Ancillary Function Driver for WinSock Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-49177Windows TCP/IP Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-45496Visual Studio Code Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantNoNo
CVE-2026-54997Windows SMB Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-58614Windows Kernel Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantNoNo
CVE-2026-33842Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-34328Windows Audio Service Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-40422Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-41087Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-49180Universal Plug and Play (upnp.dll) Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-49801Windows SMB Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50316Windows Kernel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50295Windows Zero Trust DNS Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantNoNo
CVE-2026-50350Windows Trusted Runtime Interface Driver Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50381Composite Image File System driver (cimfs.sys) Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50300Windows DWM Core Library Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50303Windows Key Guard Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantNoNo
CVE-2026-50341Windows NTFS Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50434Windows Push Notification Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50339Windows Push Notification Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50430Windows Push Notification Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50377Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege5.5ImportantNoNo
CVE-2026-50401Windows Cloud Files Mini Filter Driver Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50334Windows Push Notification Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50352Windows Cryptographic Services Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50437Windows DWM Core Library Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50455Universal Plug and Play (upnp.dll) Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50409Windows Overlay Filter Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50473Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50442Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50389Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50456Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50431Windows Quality of Service (QoS) Packet Scheduler Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50394Windows Media Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50475Windows Kernel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50483Windows Graphics Component Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50681Windows Secure Channel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50690Windows SMB Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-48580Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-50408Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55046Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55023Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55027Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55028Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55047Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55050Microsoft Word Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55138Microsoft Excel Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55124Microsoft Word Information Disclosure VulnerabilityRemote Code Execution5.5ImportantNoNo
CVE-2026-55035Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55057Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55142Microsoft Word Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55042Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-55139Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-56184Win32k Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-56192Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-56195Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-56178Microsoft Defender for Endpoint for Mac Elevation of Privilege VulnerabilityElevation of Privilege5.5ImportantNoNo
CVE-2026-57083Windows Media Photo Codec Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-57084Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-57085Windows Print Spooler Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-58547Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege VulnerabilityElevation of Privilege5.5ImportantNoNo
CVE-2026-58545Windows Kernel Security Feature Bypass VulnerabilitySecurity Feature Bypass5.5ImportantNoNo
CVE-2026-55121Microsoft Office Information Disclosure VulnerabilityInformation Disclosure5.5ImportantNoNo
CVE-2026-45488Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing5.4ModerateNoNo
CVE-2026-58278Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing5.4ImportantNoNo
CVE-2026-56157Microsoft SharePoint Server Spoofing VulnerabilitySpoofing5.4ImportantNoNo
CVE-2026-58524Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing5.4ImportantNoNo
CVE-2026-44806Windows Secure Channel Denial of Service VulnerabilityDenial of Service5.3ImportantNoNo
CVE-2026-50432Window Virtual Filtering Platform (VFP) Denial of Service VulnerabilityDenial of Service5.3ImportantNoNo
CVE-2026-50415Windows Media Information Disclosure VulnerabilityInformation Disclosure5.3ImportantNoNo
CVE-2026-50418Windows System Secure Feature Bypass VulnerabilitySecurity Feature Bypass5.1ImportantNoNo
CVE-2026-26145Microsoft Azure Synapse Elevation of Privilege VulnerabilityElevation of Privilege4.8CriticalNoNo
CVE-2026-50684Active Directory Federation Server Spoofing VulnerabilitySpoofing4.8ImportantNoNo
CVE-2026-49167Windows Kernel Elevation of Privilege VulnerabilityElevation of Privilege4.7ImportantNoNo
CVE-2026-50310Windows Human Interface Device Information Disclosure VulnerabilityInformation Disclosure4.7ImportantNoNo
CVE-2026-50312Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege4.7ImportantNoNo
CVE-2026-50657Microsoft Defender for Endpoint for Mac Information Disclosure VulnerabilityInformation Disclosure4.7ImportantNoNo
CVE-2026-49794Windows USB Audio Class Driver Information Disclosure VulnerabilityInformation Disclosure4.6ImportantNoNo
CVE-2026-55016Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantNoNo
CVE-2026-55019Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantNoNo
CVE-2026-55020Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantNoNo
CVE-2026-55030Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantNoNo
CVE-2026-55135Microsoft SharePoint Server Spoofing VulnerabilitySpoofing4.6ImportantNoNo
CVE-2026-50485Windows Hyper-V Denial of Service VulnerabilityDenial of Service4.5ImportantNoNo
CVE-2026-58597Microsoft Edge (Chromium-based) Spoofing VulnerabilitySpoofing4.3LowNoNo
CVE-2026-55945Microsoft Edge (Chromium-based) Information Disclosure VulnerabilityInformation Disclosure4.2ModerateNoNo
CVE-2026-50302Windows Cryptographic Services Security Feature Bypass VulnerabilitySecurity Feature Bypass4.2ImportantNoNo
CVE-2026-50419Windows Kernel Information Disclosure VulnerabilityInformation Disclosure3.3ImportantNoNo
CVE-2026-50416Win32k Information Disclosure VulnerabilityInformation Disclosure3.3ImportantNoNo

Retrospective Vulnerability Analysis

  • CVE-2026-26114 - Microsoft SharePoint Server Remote Code Execution Vulnerability (Remote Code Execution). An untrusted data deserialization vulnerability that allows an authorized attacker with minimal site member privileges to execute arbitrary code on the server. The published PoC demonstrates a full-chain exploit: using a SQL injection in the Taxonomy component to inject a specially crafted object into a system table, which is then automatically deserialized by the background SharePoint service (OWSTIMER). This vulnerability was patched in March 2026.

  • CVE-2026-33829 - Windows Snipping Tool Spoofing Vulnerability (Spoofing). A vulnerability in the Snipping Tool application that allows the disclosure of users' Net-NTLM hashes. The issue stems from insufficient input validation in the registered ms-screensketch URI scheme handler. An attacker can trick a victim into clicking a specially crafted link where the filePath parameter points to an external SMB resource. Upon navigating and confirming the application launch, the system automatically attempts to load the file over the network, transmitting the user's NTLM hash to the attacker's server. A detailed analysis of this vulnerability has been published on GitHub. It was patched in April 2026.

  • CVE-2026-47291 — HTTP.sys Remote Code Execution Vulnerability (Remote Code Execution). This vulnerability is an integer overflow leading to a heap buffer overflow in the Windows kernel when processing HTTP requests via the HTTP.sys driver. The issue occurs due to incorrect type casting when incrementing the header limit counter, resulting in the allocation of a buffer of insufficient size for the new array. An unauthenticated attacker can send a specially crafted HTTP or HTTP/2 request with a large number of headers, which causes kernel memory overwrite during data copying and allows remote code execution with system privileges. A PoC demonstrating the counter overflow mechanism when sending a high number of headers is available on GitHub. This vulnerability was patched in June 2026.

  • CVE-2026-45504 — Microsoft Exchange Server Elevation of Privilege Vulnerability (Elevation of Privilege). A Server-Side Request Forgery (SSRF) vulnerability associated with improper path validation when handling Reference Attachments. An authorized attacker with a low level of privileges and an active mailbox can create a message containing a link to an external, controlled resource that returns an XML response with a local path (such as pointing to system files) when accessed. When the attachment preview function (GetAttachmentPreview) is invoked in OWA, the Exchange server processes this path and returns the contents of the local file to the user, bypassing access restrictions and elevating privileges in the system. A PoC demonstrating this vulnerability is available on GitHub. This vulnerability was patched in June 2026.

  • CVE-2026-42980 — Windows NT OS Kernel Elevation of Privilege Vulnerability (Elevation of Privilege). This vulnerability is associated with an integer underflow in the Windows kernel WMI subsystem (ntoskrnl.exe) when calling the WmipQueryAllDataMultiple (IOCTL 0x22812C) and WmipQuerySingleMultiple (IOCTL 0x228130) functions. Due to incorrect subtraction of the data size from the unsigned 32-bit counter of the remaining buffer, the length variable takes on a critically large value. This allows a local user to trigger a kernel heap buffer overflow, overwrite adjacent named pipe structures (NP_DATA_QUEUE_ENTRY), and elevate privileges to SYSTEM. A detailed technical description and PoC for this vulnerability are available on GitHub. This vulnerability was patched in June 2026.

Conclusion

The July update release represents an unprecedented challenge for any organization's IT infrastructure. Processing 622 vulnerabilities within a standard testing cycle is practically impossible, making prioritization critical.

Recommended action plan for July:

  1. Urgent patching of Zero-Day vulnerabilities:
    • Immediately update AD FS (CVE-2026-56155) authentication servers to prevent account compromise.
    • Install patches on SharePoint (CVE-2026-56164) servers and configure AMSI integration to inspect incoming web traffic.
  2. Protection of cloud systems and virtualization: Update Hyper-V hypervisors (to close the flaw in VMSwitch) and synchronize security policies for Entra and Azure OpenAI cloud platforms.
  3. Protection of network services (RCE): Apply updates to critical server roles, specifically DHCP servers and SQL Server databases.
  4. Mobile devices: Install cumulative updates on corporate laptops to address the publicly disclosed BitLocker (CVE-2026-50661) vulnerability.

Focus on retrospective analysis: The situation is complicated by the fact that detailed breakdowns and PoC exploits for critical vulnerabilities from June and earlier spring have appeared in the public domain (including GitHub) over the past month. These include: a highly dangerous RCE in HTTP.sys (CVE-2026-47291), an SSRF in Exchange Server (CVE-2026-45504), and logical authentication bypasses in SMB (CVE-2026-24294). If you have not addressed these flaws previously, your network is at significant risk right now, even before analyzing the massive July update package. Clearing patch technical debt from previous months should be performed in parallel with addressing July's Zero-Day vulnerabilities.

Paranoid Security Microsoft Patch Tuesday Analysis – May 2026 May 12
MS Patch Tuesday Microsoft Patch Tuesday Analysis – May 2026
Paranoid Security Microsoft Patch Tuesday Analysis – April 2026 April 14
MS Patch Tuesday Microsoft Patch Tuesday Analysis – April 2026
Paranoid Security Microsoft Patch Tuesday Analysis – March 2026 March 10
MS Patch Tuesday Microsoft Patch Tuesday Analysis – March 2026