Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.0

    HIGH
    CVE-2026-20931

    External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.5

    HIGH
    CVE-2026-20929

    Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 5.3

    MEDIUM
    CVE-2026-20927

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.5

    HIGH
    CVE-2026-20926

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 6.5

    MEDIUM
    CVE-2026-20925

    External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20924

    Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20923

    Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20922

    Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.5

    HIGH
    CVE-2026-20921

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20920

    Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.5

    HIGH
    CVE-2026-20919

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20918

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20877

    Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 6.7

    MEDIUM
    CVE-2026-20876

    Heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.5

    HIGH
    CVE-2026-20875

    Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20874

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20873

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 6.5

    MEDIUM
    CVE-2026-20872

    External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20871

    Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026

  • 7.8

    HIGH
    CVE-2026-20870

    Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products :
    • Published: Jan. 13, 2026
    • Modified: Jan. 13, 2026
Showing 20 of 4533 Results