Patch Tuesday - April 2026

Source: Rapid7

Executive Summary

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation. So far this month, Microsoft has provided patches to address 80 browser vulnerabilities, which are not included in the Patch Tuesday count above.

Analysis

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation. So far this month, Microsoft has provided patches to address 80 browser vulnerabilities, which are not included in the Patch Tuesday count above.

Increasing volumes of vulnerabilities

Regular Patch Tuesday watchers will know that these vulnerability totals are significantly higher than usual, especially the browser numbers. Late last week, Microsoft published patches to resolve more than 60 browser vulnerabilities in a single day, which is a new record in that very specific category. It might be tempting to imagine that this sudden spike was tied to the buzz around the announcement a week ago today of Project Glasswing, but this is not the case. Edge is based on the Chromium engine, and the Chromium maintainers acknowledge a wide range of researchers for the vulnerabilities which Microsoft republished last Friday.

This reflects a significant industry-wide uptick in the volume of vulnerability reports over the past few weeks. A safe conclusion is that this increase in volume is driven by ever-expanding AI capabilities. We should expect to see further increases in vulnerability reporting volume as the impact of AI models extends further, both in terms of capability and availability.

SharePoint: zero-day spoofing

When everything is changing rapidly, it can be tempting to look to familiar things for comfort. SharePoint admins should start by addressing CVE-2026-32201, an exploited-in-the-wild spoofing vulnerability. The advisory doesn’t offer much detail, but does mention CWE-20: Improper Input Validation and low impact to confidentiality and integrity, with no impact to availability.

Of course, the greatest attacker impact is typically achieved by chaining together multiple vulnerabilities that by themselves might not seem so bad. Ever-increasing novel AI capabilities in offensive cybersecurity now appear to provide real competition for all but the most elite human researchers; if it was ever valid to suppose that a vulnerability with a CVSS v3 base score of 6.5 was unlikely to cause much pain, it’s certainly not a safe defensive assumption in 2026. Patches are available for all supported versions of SharePoint, including SharePoint 2016, which moves beyond extended support on July 14, 2026.

Defender: zero-day elevation of privilege

Microsoft Defender receives a patch today for CVE-2026-33825, a local privilege escalation vulnerability for which Microsoft is aware of public disclosure. Successful exploitation leads to SYSTEM privileges, so this is certainly worth patching sooner rather than later. Microsoft points out that no action should be required to install this update, since the Microsoft Defender Antimalware Platform automatically updates by default. A further silver lining is that systems that have disabled Microsoft Defender are not in an exploitable state. Hopefully, any such system is running a suitable third-party replacement for Defender’s capabilities.

Windows [I don’t like] IKE: zero-day pre-auth RCE

The Windows Internet Key Exchange (IKE) Services Extensions is the site of CVE-2026-33824, a critical unauthenticated remote code execution vulnerability. Exploitation requires an attacker to send specially crafted packets to a Windows machine with IKE v2 enabled, which could enable remote code execution. Vulnerabilities leading to unauthenticated RCE against modern Windows assets are relatively rare, or we’d see more wormable vulnerabilities self-propagating across the internet.

However, since IKE provides secure tunnel negotiation services, for instance for VPNs, it is necessarily exposed to untrusted networks and reachable in a pre-authorization context. It’s hard to imagine this turning into a rampaging internet-wide worm, but there’s plenty of scope for initial access abuse, so this IKE vulnerability is still yikes.

The advisory does contain a section with potential mitigations for anyone unable to patch immediately, which center on least-privilege restriction of relevant UDP traffic. This same portion of the advisory also furnishes a helpful link to the definition of the word “mitigations” in the MSDN glossary. All versions of Windows back as far as Server 2016 and Windows 10 1607 LTSC receive patches.

The advisory credits both the WARP and MORSE (Microsoft Offensive Research & Security Engineering) teams at Microsoft. MORSE appears in Acknowledgements over the past few years, but today marks the first explicit mention of WARP in a Microsoft security advisory Acknowledgements section; we can speculate that WARP is an internal designator for the Microsoft Windows Enterprise Security Team.

Microsoft lifecycle update

In Microsoft lifecycle news, extended support ends April 14, 2026 for a wide range of legacy Microsoft enterprise tools, including Dynamics C5 2016, Dynamics NAV 2016, App-V 5.0 and App-V 5.1, UE-V 2.1, and BitLocker Administration and Monitoring 2.5 SP1. Microsoft .NET 9 STS (Standard Term Support, as distinct from Long Term Support) was originally scheduled to move past the end of support in May 2026, but late last year, Microsoft granted a six-month extension, so that .NET 9 STS now reaches end of support on November 10, 2026.

Summary tables

Azure vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-32171 | Azure Logic Apps Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 8.8
CVE-2026-32168 | Azure Monitor Agent Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32192 | Azure Monitor Agent Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32184 | Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8

Developer Tools vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-32203 | .NET and Visual Studio Denial of Service Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-26171 | .NET Denial of Service Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-32226 | .NET Framework Denial of Service Vulnerability | Exploitation Less Likely | No | 5.9
CVE-2026-23666 | .NET Framework Denial of Service Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-32178 | .NET Spoofing Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-33116 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-23653 | GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.7
CVE-2026-32631 | GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashes | Exploitation Less Likely | No | 7.4
CVE-2026-21637 | HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers | N/A | No | 7.5
CVE-2026-26143 | Microsoft PowerShell Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 7.8

ESU vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-32072 | Active Directory Spoofing Vulnerability | Exploitation Less Likely | No | 6.2
CVE-2026-32181 | Connected User Experiences and Telemetry Service Denial of Service Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-27924 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32154 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.8
CVE-2026-27923 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32155 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32091 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 8.4
CVE-2026-26152 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26155 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Exploitation Less Likely | No | 6.5
CVE-2026-27914 | Microsoft Management Console Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.8
CVE-2026-25250 | MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix | Exploitation Less Likely | No | 6.0
CVE-2026-32081 | Package Catalog Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-26170 | PowerShell Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26183 | Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32157 | Remote Desktop Client Remote Code Execution Vulnerability | Exploitation Less Likely | No | 8.8
CVE-2026-26160 | Remote Desktop Licensing Service Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26159 | Remote Desktop Licensing Service Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26151 | Remote Desktop Spoofing Vulnerability | Exploitation More Likely | No | 7.1
CVE-2026-32085 | Remote Procedure Call Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-0390 | UEFI Secure Boot Security Feature Bypass Vulnerability | Exploitation More Likely | No | 6.7
CVE-2026-32212 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32214 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32079 | Web Account Manager Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-33104 | Win32k Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-33826 | Windows Active Directory Remote Code Execution Vulnerability | Exploitation More Likely | No | 8.0
CVE-2026-26178 | Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 8.8
CVE-2026-32073 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26168 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26173 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26177 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26182 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-27922 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-33099 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-33100 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32088 | Windows Biometric Service Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 6.1
CVE-2026-27913 | Windows BitLocker Security Feature Bypass Vulnerability | Exploitation More Likely | No | 7.7
CVE-2026-26175 | Windows Boot Manager Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 4.6
CVE-2026-26176 | Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-27926 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32162 | Windows COM Elevation of Privilege Vulnerability | Exploitation More Likely | No | 8.4
CVE-2026-20806 | Windows COM Server Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-32070 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.0
CVE-2026-33098 | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.8
CVE-2026-26153 | Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32087 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32093 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.0
CVE-2026-32086 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32150 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-27931 | Windows GDI Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-27930 | Windows GDI Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-27906 | Windows Hello Security Feature Bypass Vulnerability | Exploitation More Likely | No | 4.4
CVE-2026-26156 | Windows Hyper-V Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32149 | Windows Hyper-V Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.3
CVE-2026-27910 | Windows Installer Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-33824 | Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability | Exploitation Less Likely | No | 9.8
CVE-2026-27912 | Windows Kerberos Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 8.0
CVE-2026-26180 | Windows Kernel Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26163 | Windows Kernel Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32215 | Windows Kernel Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32217 | Windows Kernel Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32218 | Windows Kernel Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-26169 | Windows Kernel Memory Information Disclosure Vulnerability | Exploitation More Likely | No | 6.1
CVE-2026-32071 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-27929 | Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-20930 | Windows Management Services Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26162 | Windows OLE Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32084 | Windows Print Spooler Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-27927 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26184 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32069 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32074 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32078 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26167 | Windows Push Notifications Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 8.8
CVE-2026-32158 | Windows Push Notifications Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.8
CVE-2026-32159 | Windows Push Notifications Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32160 | Windows Push Notifications Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.8
CVE-2026-26172 | Windows Push Notifications Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-20928 | Windows Recovery Environment Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 4.6
CVE-2026-27909 | Windows Search Service Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.8
CVE-2026-26161 | Windows Sensor Data Service Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26174 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26154 | Windows Server Update Service (WSUS) Tampering Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-27918 | Windows Shell Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32151 | Windows Shell Information Disclosure Vulnerability | Exploitation Less Likely | No | 6.5
CVE-2026-32225 | Windows Shell Security Feature Bypass Vulnerability | Exploitation More Likely | No | 8.8
CVE-2026-32202 | Windows Shell Spoofing Vulnerability | Exploitation More Likely | No | 4.3
CVE-2026-32082 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32083 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32068 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.0
CVE-2026-32183 | Windows Snipping Tool Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-33829 | Windows Snipping Tool Spoofing Vulnerability | Exploitation Unlikely | No | 4.3
CVE-2026-32089 | Windows Speech Brokered Api Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32090 | Windows Speech Brokered Api Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.8
CVE-2026-32153 | Windows Speech Runtime Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-33827 | Windows TCP/IP Remote Code Execution Vulnerability | Exploitation Less Likely | No | 8.1
CVE-2026-27908 | Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.0
CVE-2026-27921 | Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.0
CVE-2026-27915 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-27919 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32075 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.0
CVE-2026-27916 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-27920 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32077 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-27925 | Windows UPnP Device Host Information Disclosure Vulnerability | Exploitation Less Likely | No | 6.5
CVE-2026-32156 | Windows UPnP Device Host Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.4
CVE-2026-32165 | Windows User Interface Core Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-27911 | Windows User Interface Core Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.8
CVE-2026-32163 | Windows User Interface Core Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.8
CVE-2026-32164 | Windows User Interface Core Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-23670 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 5.7
CVE-2026-27917 | Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0

Microsoft Dynamics vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-33103 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-26149 | Microsoft Power Apps Security Feature Bypass | Exploitation Less Likely | No | 9.0

Microsoft Office vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-32188 | Microsoft Excel Information Disclosure Vulnerability | Exploitation Less Likely | No | 7.1
CVE-2026-32189 | Microsoft Excel Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32197 | Microsoft Excel Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32198 | Microsoft Excel Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32199 | Microsoft Excel Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32190 | Microsoft Office Remote Code Execution Vulnerability | Exploitation Less Likely | No | 8.4
CVE-2026-32200 | Microsoft PowerPoint Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-20945 | Microsoft SharePoint Server Spoofing Vulnerability | Exploitation Less Likely | No | 4.6
CVE-2026-32201 | Microsoft SharePoint Server Spoofing Vulnerability | Exploitation Detected | No | 6.5
CVE-2026-33822 | Microsoft Word Information Disclosure Vulnerability | Exploitation Less Likely | No | 6.1
CVE-2026-33095 | Microsoft Word Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-23657 | Microsoft Word Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-33114 | Microsoft Word Remote Code Execution Vulnerability | Exploitation Less Likely | No | 8.4
CVE-2026-33115 | Microsoft Word Remote Code Execution Vulnerability | Exploitation Less Likely | No | 8.4

Open Source Software vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-40386 | | n/a | No | 4.0
CVE-2026-40385 | | n/a | No | 4.0
CVE-2026-40393 | | n/a | No | 8.1
CVE-2026-31416 | netfilter: nfnetlink_log: account for netlink header size | n/a | No | 8.1
CVE-2026-31423 | net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() | n/a | No | 5.5
CVE-2026-31424 | netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP | n/a | No | 5.5
CVE-2026-31417 | net/x25: Fix overflow when accumulating packets | n/a | No | 8.1
CVE-2026-31422 | net/sched: cls_flow: fix NULL pointer dereference on shared blocks | n/a | No | 5.5
CVE-2026-31414 | netfilter: nf_conntrack_expect: use expect->helper | n/a | No | 8.1
CVE-2026-31427 | netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp | n/a | No | 7.8
CVE-2026-31426 | ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() | n/a | No | 5.5
CVE-2026-31419 | net: bonding: fix use-after-free in bond_xmit_broadcast() | n/a | No | 7.1
CVE-2026-31420 | bridge: mrp: reject zero test interval to avoid OOM panic | n/a | No | 5.5
CVE-2026-31421 | net/sched: cls_fw: fix NULL pointer dereference on shared blocks | n/a | No | 5.5
CVE-2026-31428 | netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD | n/a | No | 5.5
CVE-2026-31418 | netfilter: ipset: drop logically empty buckets in mtype_del | n/a | No | 8.1

SQL Server vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-33120 | Microsoft SQL Server Remote Code Execution Vulnerability | Exploitation Less Likely | No | 8.8
CVE-2026-32167 | SQL Server Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 6.7
CVE-2026-32176 | SQL Server Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 6.7

System Center vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-33825 | Microsoft Defender Elevation of Privilege Vulnerability | Exploitation More Likely | Yes | 7.8

Windows vulnerabilities

CVE | Title | Exploitation status | Publicly disclosed? | CVSS v3 base score
CVE-2026-32072 | Active Directory Spoofing Vulnerability | Exploitation Less Likely | No | 6.2
CVE-2023-20585 | AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability | Exploitation Less Likely | No | 5.3
CVE-2026-25184 | Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32181 | Connected User Experiences and Telemetry Service Denial of Service Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-27924 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32152 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.8
CVE-2026-32154 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.8
CVE-2026-27923 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32155 | Desktop Window Manager Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-33096 | HTTP.sys Denial of Service Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-26181 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32219 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.0
CVE-2026-32091 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 8.4
CVE-2026-26152 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26155 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Exploitation Less Likely | No | 6.5
CVE-2026-27914 | Microsoft Management Console Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.8
CVE-2026-25250 | MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix | Exploitation Less Likely | No | 6.0
CVE-2026-32081 | Package Catalog Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-26170 | PowerShell Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26183 | Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32157 | Remote Desktop Client Remote Code Execution Vulnerability | Exploitation Less Likely | No | 8.8
CVE-2026-26160 | Remote Desktop Licensing Service Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26159 | Remote Desktop Licensing Service Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26151 | Remote Desktop Spoofing Vulnerability | Exploitation More Likely | No | 7.1
CVE-2026-32085 | Remote Procedure Call Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-0390 | UEFI Secure Boot Security Feature Bypass Vulnerability | Exploitation More Likely | No | 6.7
CVE-2026-32220 | UEFI Secure Boot Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 4.4
CVE-2026-32212 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32214 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32079 | Web Account Manager Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-33104 | Win32k Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-33826 | Windows Active Directory Remote Code Execution Vulnerability | Exploitation More Likely | No | 8.0
CVE-2026-32196 | Windows Admin Center Spoofing Vulnerability | Exploitation Less Likely | No | 6.1
CVE-2026-26178 | Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 8.8
CVE-2026-32073 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26168 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26173 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26177 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26182 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-27922 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-33099 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-33100 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32088 | Windows Biometric Service Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 6.1
CVE-2026-27913 | Windows BitLocker Security Feature Bypass Vulnerability | Exploitation More Likely | No | 7.7
CVE-2026-26175 | Windows Boot Manager Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 4.6
CVE-2026-26176 | Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-27926 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32162 | Windows COM Elevation of Privilege Vulnerability | Exploitation More Likely | No | 8.4
CVE-2026-20806 | Windows COM Server Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-32070 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.0
CVE-2026-33098 | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.8
CVE-2026-26153 | Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32087 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32093 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Exploitation More Likely | No | 7.0
CVE-2026-32086 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-32150 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-27931 | Windows GDI Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-27930 | Windows GDI Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32221 | Windows Graphics Component Remote Code Execution Vulnerability | Exploitation Less Likely | No | 8.4
CVE-2026-27906 | Windows Hello Security Feature Bypass Vulnerability | Exploitation More Likely | No | 4.4
CVE-2026-27928 | Windows Hello Security Feature Bypass Vulnerability | Exploitation Less Likely | No | 8.7
CVE-2026-26156 | Windows Hyper-V Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32149 | Windows Hyper-V Remote Code Execution Vulnerability | Exploitation Less Likely | No | 7.3
CVE-2026-27910 | Windows Installer Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-33824 | Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability | Exploitation Less Likely | No | 9.8
CVE-2026-27912 | Windows Kerberos Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 8.0
CVE-2026-26179 | Windows Kernel Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26180 | Windows Kernel Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32195 | Windows Kernel Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-26163 | Windows Kernel Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32215 | Windows Kernel Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32217 | Windows Kernel Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-32218 | Windows Kernel Information Disclosure Vulnerability | Exploitation Less Likely | No | 5.5
CVE-2026-26169 | Windows Kernel Memory Information Disclosure Vulnerability | Exploitation More Likely | No | 6.1
CVE-2026-32071 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Exploitation Less Likely | No | 7.5
CVE-2026-27929 | Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.0
CVE-2026-20930 | Windows Management Services Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26162 | Windows OLE Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-33101 | Windows Print Spooler Elevation of Privilege Vulnerability | Exploitation Unlikely | No | 7.8
CVE-2026-32084 | Windows Print Spooler Information Disclosure Vulnerability | Exploitation Unlikely | No | 5.5
CVE-2026-27927 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-26184 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32069 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32074 | Windows Projected File System Elevation of Privilege Vulnerability | Exploitation Less Likely | No | 7.8
CVE-2026-32078 Windows Projected File System Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-26167 Windows Push Notifications Elevation of Privilege Vulnerability Exploitation Less Likely No 8.8 CVE-2026-32158 Windows Push Notifications Elevation of Privilege Vulnerability Exploitation Unlikely No 7.8 CVE-2026-32159 Windows Push Notifications Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-32160 Windows Push Notifications Elevation of Privilege Vulnerability Exploitation Unlikely No 7.8 CVE-2026-26172 Windows Push Notifications Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-20928 Windows Recovery Environment Security Feature Bypass Vulnerability Exploitation Less Likely No 4.6 CVE-2026-32216 Windows Redirected Drive Buffering System Denial of Service Vulnerability Exploitation Less Likely No 5.5 CVE-2026-27909 Windows Search Service Elevation of Privilege Vulnerability Exploitation More Likely No 7.8 CVE-2026-26161 Windows Sensor Data Service Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-26174 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability Exploitation Less Likely No 7.0 CVE-2026-32224 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability Exploitation Unlikely No 7.0 CVE-2026-26154 Windows Server Update Service (WSUS) Tampering Vulnerability Exploitation Less Likely No 7.5 CVE-2026-26165 Windows Shell Elevation of Privilege Vulnerability Exploitation Less Likely No 7.0 CVE-2026-26166 Windows Shell Elevation of Privilege Vulnerability Exploitation Less Likely No 7.0 CVE-2026-27918 Windows Shell Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-32151 Windows Shell Information Disclosure Vulnerability Exploitation Less Likely No 6.5 CVE-2026-32225 Windows Shell Security Feature Bypass Vulnerability Exploitation More Likely No 8.8 CVE-2026-32202 Windows Shell Spoofing 
Vulnerability Exploitation More Likely No 4.3 CVE-2026-32082 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Exploitation Less Likely No 7.0 CVE-2026-32083 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Exploitation Less Likely No 7.0 CVE-2026-32068 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Exploitation Unlikely No 7.0 CVE-2026-32183 Windows Snipping Tool Remote Code Execution Vulnerability Exploitation Less Likely No 7.8 CVE-2026-33829 Windows Snipping Tool Spoofing Vulnerability Exploitation Unlikely No 4.3 CVE-2026-32089 Windows Speech Brokered Api Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-32090 Windows Speech Brokered Api Elevation of Privilege Vulnerability Exploitation Unlikely No 7.8 CVE-2026-32153 Windows Speech Runtime Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-27907 Windows Storage Spaces Controller Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-32076 Windows Storage Spaces Controller Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-33827 Windows TCP/IP Remote Code Execution Vulnerability Exploitation Less Likely No 8.1 CVE-2026-27908 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability Exploitation More Likely No 7.0 CVE-2026-27921 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability Exploitation More Likely No 7.0 CVE-2026-27915 Windows UPnP Device Host Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-27919 Windows UPnP Device Host Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-32075 Windows UPnP Device Host Elevation of Privilege Vulnerability Exploitation More Likely No 7.0 CVE-2026-27916 Windows UPnP Device Host Elevation of Privilege Vulnerability Exploitation 
Less Likely No 7.8 CVE-2026-27920 Windows UPnP Device Host Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-32077 Windows UPnP Device Host Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-27925 Windows UPnP Device Host Information Disclosure Vulnerability Exploitation Less Likely No 6.5 CVE-2026-32156 Windows UPnP Device Host Remote Code Execution Vulnerability Exploitation Less Likely No 7.4 CVE-2026-32223 Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability Exploitation Less Likely No 6.8 CVE-2026-32165 Windows User Interface Core Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-27911 Windows User Interface Core Elevation of Privilege Vulnerability Exploitation Unlikely No 7.8 CVE-2026-32163 Windows User Interface Core Elevation of Privilege Vulnerability Exploitation Unlikely No 7.8 CVE-2026-32164 Windows User Interface Core Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 CVE-2026-23670 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability Exploitation Less Likely No 5.7 CVE-2026-32080 Windows WalletService Elevation of Privilege Vulnerability Exploitation Less Likely No 7.0 CVE-2026-27917 Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability Exploitation Less Likely No 7.0 CVE-2026-32222 Windows Win32k Elevation of Privilege Vulnerability Exploitation Less Likely No 7.8 Zero-Day Vulnerabilities: Known Exploited CVE Title Exploitation status Publicly disclosed? CVSS v3 base score CVE-2026-32201 Microsoft SharePoint Server Spoofing Vulnerability Exploitation Detected No 6.5 Zero-Day Vulnerabilities: Publicly Disclosed (No known exploitation) CVE Title Exploitation status Publicly disclosed? 
CVSS v3 base score CVE-2026-33825 Microsoft Defender Elevation of Privilege Vulnerability Exploitation More Likely Yes 7.8 Critical RCEs and EoPs CVE Title Exploitation status Publicly disclosed? CVSS v3 base score CVE-2026-33824 Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability Exploitation Less Likely No 9.8

Indicators of Compromise (183)

CVE (183)
Source Attribution

Originally published by Rapid7 on Apr 14, 2026.
