newsThe portal itself — self-promo until real sponsors land
Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
25 results//sorted by published//last sync 2026-06-17 22:56Z
Subscribe to news →
CVE-2026-47652 — Out: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. CVSSv3.1 8.2 (HIGH)
8.2
CVSS v3.1
91
Edit Score
CVE-2026-47643 — External: control of file name or path in Azure Stack Edge allows an unauthorized
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network. CVSSv3.1 9.8 (CRITICAL)
9.8
CVSS v3.1
99
Edit Score
CVE-2026-47635 — Access: of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
8.4
CVSS v3.1
92
Edit Score
CVE-2026-47631 — Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-47298 — Microsoft: Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. CVSSv3.1 8.0 (HIGH)
8.0
CVSS v3.1
90
Edit Score
CVE-2026-47291 — Integer: overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code
Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVSSv3.1 9.8 (CRITICAL)
9.8
CVSS v3.1
99
Edit Score
CVE-2026-47289 — Heap: Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-47281 — Visual: Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. CVSSv3.1 9.6 (CRITICAL)
9.6
CVSS v3.1
98
Edit Score
CVE-2026-45657 — Use: after free in Windows Kernel allows an unauthorized attacker to execute code over
Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network. CVSSv3.1 9.8 (CRITICAL)
9.8
CVSS v3.1
99
Edit Score
CVE-2026-45648 — Stack: Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute
Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-45644 — Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Live Share
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Live Share Canvas SDK allows an authorized attacker to elevate privileges over a network. CVSSv3.1 8.0 (HIGH)
8.0
CVSS v3.1
90
Edit Score
CVE-2026-45641 — Out: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
8.4
CVSS v3.1
92
Edit Score
CVE-2026-45635 — Use: after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-45607 — Out: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
8.4
CVSS v3.1
92
Edit Score
CVE-2026-45602 — No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to
No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network. CVSSv3.1 9.1 (CRITICAL)
9.1
CVSS v3.1
96
Edit Score
CVE-2026-45599 — Use: after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-45504 — Server: Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-45503 — Server: Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network. CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-45484 — Deserialization: of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network. CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-45482 — Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot
Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. CVSSv3.1 8.4 (HIGH)
8.4
CVSS v3.1
92
Edit Score
CVE-2026-45476 — Use: after free in Linux MANA Driver allows an authorized attacker to elevate privileges
Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally. CVSSv3.1 8.2 (HIGH)
8.2
CVSS v3.1
91
Edit Score
CVE-2026-45474 — Heap: Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
8.4
CVSS v3.1
92
Edit Score
CVE-2026-45472 — Heap: Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
8.4
CVSS v3.1
92
Edit Score
CVE-2026-45463 — Heap: Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
8.4
CVSS v3.1
92
Edit Score
CVE-2026-45461 — Heap: Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
8.4
CVSS v3.1
92
Edit Score