InfoSecBulletin Cybersecurity for mankind
Microsoft’s June 2026 Patch Tuesday updates fix about 200 security flaws found in the company’s products. None of the flaws fixed this month seem to have been used by anyone outside, but three issues were shared publicly before Microsoft fixed them.
One of them is CVE-2026-49160, which is a denial-of-service (DoS) flaw for Windows. This weak point is linked to HTTP2/Bomb, a method of attack that could hit many websites, shutting down web servers in just seconds.
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges
By infosecbulletin
/ Wednesday , June 10 2026
A security expert shared a new Microsoft Defender vulnerability called "RoguePlanet" only hours after Microsoft fixed two earlier problems in...
Read More
Microsoft June Patches 200 Vulnerabilities including 3 zero days
By infosecbulletin
/ Wednesday , June 10 2026
Microsoft's June 2026 Patch Tuesday updates fix about 200 security flaws found in the company's products. None of the flaws fixed...
Read More
World’s first wind power underwater data center is now live
By infosecbulletin
/ Tuesday , June 9 2026
The first business underwater data center run by offshore wind has started working near Shanghai. Submerged 10 metres under the...
Read More
VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts
By infosecbulletin
/ Tuesday , June 9 2026
Broadcom has revealed three stored cross-site scripting (XSS) flaws that affect VMware Cloud Foundation Operations and some other products. They...
Read More
CVE-2026-50751
Check Point VPN 0-day Flaw Exploited in the Wild
By infosecbulletin
/ Tuesday , June 9 2026
Check Point Research found that CVE-2026-50751, a serious flaw in Check Point Remote Access VPN and Mobile Access, is being...
Read More
AI-designed First ‘universal vaccine’ tested in humans
By infosecbulletin
/ Monday , June 8 2026
AI helped to make a new kind of vaccine that can protect people from many types of viruses and stop...
Read More
China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%
By infosecbulletin
/ Sunday , June 7 2026
The world's first prefabricated computing power center base officially began operation on Saturday in Qingdao City, east China's Shandong Province,...
Read More
Hacker now exploits recently patched SolarWinds Serv-U flaw
By infosecbulletin
/ Saturday , June 6 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that hackers are using a newly fixed serious SolarWinds Serv-U...
Read More
Cisco SD-WAN Flaw Exploited and Trend Micro Flaws Allows to Security Bypass
By infosecbulletin
/ Friday , June 5 2026
Trend Micro’s Deep Security Agent for Linux has a design flaw. This issue lets a local attacker, who does not...
Read More
Ransomware Crisis Deepens: 4,089 Victims Hit Across 121 Countries in 2026
By infosecbulletin
/ Friday , June 5 2026
According to the latest ransomware numbers from 2026, cybercrime is still a big worry worldwide. In 2026, 4,089 groups have...
Read More
Another revealed weakness is CVE-2026-50507, a flaw in Windows BitLocker that lets someone with physical access to the computer reach encrypted data.
The security problem might be connected to YellowKey. This is one of the exploits shared by a researcher called Chaotic Eclipse and Nightmare Eclipse. They started sharing proof-of-concept code after a fight with Microsoft. Many of the exploits leaked by this researcher have been used in real attacks.
Microsoft fixed a new problem this month called CVE-2026-45586. It’s a bug in the Windows Collaborative Translation Framework that can be used to gain system-level access. An unnamed researcher told the company about this issue.
All three publicly disclosed issues have been assigned an ‘exploitation more likely’ exploitability assessment by Microsoft.
About 40 out of 200 security problems fixed this month are rated as ‘critical’. They impact Windows, Azure, Office, Outlook, Exchange, and AI tools. If these are misused, they can allow hackers to run code remotely, gain higher access, and steal information.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET | CVE-2026-45491 | .NET Tampering Vulnerability | Important |
| .NET | CVE-2026-45490 | .NET SDK Elevation of Privilege Vulnerability | Important |
| Active Directory Domain Services | CVE-2026-45648 | Windows Active Directory Domain Services Remote Code Execution Vulnerability | Critical |
| ASP.NET Core | CVE-2026-45591 | ASP.NET Core Denial of Service Vulnerability | Important |
| Azure Stack Edge | CVE-2026-47643 | Azure Stack Edge Remote Code Execution Vulnerability | Important |
| Azure Stack Edge | CVE-2026-41098 | Azure Stack Edge Spoofing Vulnerability | Important |
| Function Discovery Service (fdwsd.dll) | CVE-2026-42836 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability | Important |
| GitHub Copilot and Visual Studio Code | CVE-2026-45482 | Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability | Important |
| HTTP/2 | CVE-2026-49160 | HTTP.sys Denial of Service Vulnerability | Important |
| Linux MANA Driver | CVE-2026-45476 | Microsoft Azure Network Adapter Elevation of Privilege Vulnerability | Critical |
| Microsoft Azure Attestation service and Device Health Attestation Service | CVE-2026-45642 | Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability | Important |
| Microsoft Azure Attestation service and Device Health Attestation Service | CVE-2026-33828 | Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability | Critical |
| Microsoft Azure Kubernetes Service | CVE-2026-32193 | Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability | Critical |
| Microsoft Bing | CVE-2026-45650 | Microsoft Bing Search Spoofing Vulnerability | Important |
| Microsoft Defender for Endpoint | CVE-2026-45647 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Important |
| Microsoft Dynamics 365 (on-premises) | CVE-2026-40371 | Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability | Important |
| Microsoft Exchange Server | CVE-2026-45500 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2026-45501 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2026-47631 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2026-45503 | Microsoft Exchange Server Information Disclosure Vulnerability | Important |
| Microsoft Exchange Server | CVE-2026-45504 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
| Microsoft Exchange Server | CVE-2026-45502 | Microsoft Exchange Server Information Disclosure Vulnerability | Important |
| Microsoft Exchange Server | CVE-2026-45583 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important |
| Microsoft Graphics Component | CVE-2026-42986 | Microsoft Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Kinect | CVE-2026-41092 | Microsoft Kinect Elevation of Privilege Vulnerability | Important |
| Microsoft Live Share Canvas SDK | CVE-2026-45644 | Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2026-45463 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2026-44821 | Microsoft Office Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2026-45474 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2026-44819 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2026-44824 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2026-45485 | Microsoft Office Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2026-45645 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2026-45472 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2026-45458 | Microsoft Outlook and Word Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2026-45460 | Microsoft Office Information Disclosure Vulnerability | Critical |
| Microsoft Office | CVE-2026-47635 | Microsoft Outlook and Word Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2026-45456 | Microsoft Outlook and Word Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2026-45461 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2026-45475 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office Click-To-Run | CVE-2026-47293 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Important |
| Microsoft Office Excel | CVE-2026-44820 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2026-44818 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2026-44817 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2026-45469 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2026-44822 | Microsoft Excel Information Disclosure Vulnerability | Important |
| Microsoft Office Excel | CVE-2026-45455 | Microsoft Excel Information Disclosure Vulnerability | Important |
| Microsoft Office Excel | CVE-2026-44823 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2026-45459 | Microsoft Excel Security Feature Bypass Vulnerability | Important |
| Microsoft Office Project | CVE-2026-45483 | Microsoft Office Project Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45484 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45465 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-47634 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-47640 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45481 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45468 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-47638 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-47639 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-47641 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-47637 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45467 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45453 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-47636 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-48560 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-47298 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45454 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-33113 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45479 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-48562 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45464 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2026-45462 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Office Word | CVE-2026-45643 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2026-45457 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2026-45486 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2026-45471 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2026-45466 | Microsoft Word Information Disclosure Vulnerability | Important |
| Microsoft PC Manager | CVE-2026-49161 | Microsoft PC Manager Security Feature Bypass Vulnerability | Important |
| Microsoft PowerToys | CVE-2026-42902 | Microsoft PowerToys Elevation of Privilege Vulnerability | Important |
| Microsoft Teams for Android | CVE-2026-42835 | Microsoft Teams for Android Information Disclosure Vulnerability | Important |
| Microsoft UxTheme Library (uxtheme.dll) | CVE-2026-45606 | Microsoft UxTheme Library (uxtheme.dll) Denial of Service Vulnerability | Important |
| Microsoft Windows DNS | CVE-2026-41108 | Windows DNS Client Elevation of Privilege Vulnerability | Important |
| Nuance PowerScribe | CVE-2026-26142 | Nuance PowerScribe Remote Code Execution Vulnerability | Critical |
| Office for Android | CVE-2026-45649 | Office for Android Spoofing Vulnerability | Important |
| Remote Desktop Client | CVE-2026-42993 | Remote Desktop Client Remote Code Execution Vulnerability | Important |
| Remote Desktop Client | CVE-2026-42985 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Remote Desktop Client | CVE-2026-47653 | Remote Desktop Client Remote Code Execution Vulnerability | Important |
| Remote Desktop Client | CVE-2026-47289 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Remote Desktop Client | CVE-2026-42909 | Remote Desktop Client Remote Code Execution Vulnerability | Important |
| Remote Desktop Client | CVE-2026-47654 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Remote Desktop Client | CVE-2026-42992 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Remote Desktop Client | CVE-2026-42913 | Remote Desktop Client Remote Code Execution Vulnerability | Important |
| Remote Desktop Client | CVE-2026-44801 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Remote Desktop Client | CVE-2026-44799 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Remote Desktop Client | CVE-2026-48563 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Role: Windows Hyper-V | CVE-2026-45641 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| Role: Windows Hyper-V | CVE-2026-42972 | Windows Hyper-V Information Disclosure Vulnerability | Important |
| UI Automation Manager (uiamanager.dll) | CVE-2026-45597 | Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability | Important |
| Universal Plug and Play (upnp.dll) | CVE-2026-45599 | Windows UPnP Device Host Remote Code Execution Vulnerability | Important |
| Universal Plug and Play (upnp.dll) | CVE-2026-45635 | Windows UPnP Device Host Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2026-47287 | Visual Studio Code Tampering Vulnerability | Important |
| Visual Studio Code | CVE-2026-47292 | Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2026-40376 | Visual Studio Code Elevation of Privilege Vulnerability | Important |
| Visual Studio Code | CVE-2026-47284 | Visual Studio Code Information Disclosure Vulnerability | Important |
| Visual Studio Code | CVE-2026-47281 | Visual Studio Code Elevation of Privilege Vulnerability | Important |
| Visual Studio Code | CVE-2026-48569 | Visual Studio Code Security Feature Bypass Vulnerability | Important |
| Windows Administrator Protection | CVE-2026-42829 | Windows Administrator Protection Secure Feature Bypass Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2026-42911 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2026-45598 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2026-45601 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2026-45603 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2026-34335 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2026-45596 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2026-45638 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Application Identity (AppID) Subsystem | CVE-2026-45604 | Windows Managed Installer Information Disclosure Vulnerability | Important |
| Windows Application Identity (AppID) Subsystem | CVE-2026-45594 | Windows Application Identity (AppID) Information Disclosure Vulnerability | Important |
| Windows BitLocker | CVE-2026-45658 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2026-50507 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2026-45655 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows Bluetooth Port Driver | CVE-2026-45640 | Windows Bluetooth Port Driver Elevation of Privilege Vulnerability | Important |
| Windows Bluetooth Service | CVE-2026-45605 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
| Windows Boot Manager | CVE-2026-47656 | Windows Boot Manager Security Feature Bypass Vulnerability | Important |
| Windows Collaborative Translation Framework | CVE-2026-45586 | Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2026-44809 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Cryptographic Services | CVE-2026-44810 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Critical |
| Windows Deployment Services | CVE-2026-42987 | Windows Deployment Services (WDS) Remote Code Execution | Critical |
| Windows DHCP Client | CVE-2026-44815 | DHCP Client Service Remote Code Execution Vulnerability | Critical |
| Windows DHCP Client | CVE-2026-45608 | Windows DHCP Client Information Disclosure Vulnerability | Important |
| Windows DHCP Server | CVE-2026-45634 | Windows DHCP Client Information Disclosure Vulnerability | Important |
| Windows DHCP Server | CVE-2026-45602 | Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-44807 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-44814 | Windows DWM Core Library Information Disclosure Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-44811 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-44808 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-48566 | Windows DWM Core Library Information Disclosure Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-45637 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-42905 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-44813 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-42983 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-44802 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2026-44804 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows Hotpatch Monitoring Service | CVE-2026-42910 | Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability | Important |
| Windows HTTP.sys | CVE-2026-47291 | HTTP.sys Remote Code Execution Vulnerability | Critical |
| Windows Hyper-V | CVE-2026-47652 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| Windows Hyper-V | CVE-2026-45607 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| Windows Internet (wininet.dll) | CVE-2026-45592 | Windows Internet (wininet.dll) Elevation of Privilege Vulnerability | Important |
| Windows Kerberos | CVE-2026-47288 | Windows Kerberos Key Distribution Center (KDC) Remote Code Execution | Critical |
| Windows Kerberos | CVE-2026-42914 | Windows Kerberos Denial of Service Vulnerability | Important |
| Windows Kerberos | CVE-2026-42903 | Windows Kerberos Denial of Service Vulnerability | Important |
| Windows Kernel | CVE-2026-42984 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2026-45653 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2026-48583 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-10263 | ARM: CVE-2025-10263 Completion of affected memory accesses might not be guaranteed by completion of a TLBI [kernel] | Critical |
| Windows Kernel | CVE-2026-45657 | Windows Kernel Remote Code Execution Vulnerability | Critical |
| Windows Kernel-Mode Drivers | CVE-2026-45600 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
| Windows Mark of the Web (MOTW) | CVE-2026-45595 | Windows Mark of the Web Security Feature Bypass Vulnerability | Important |
| Windows Media | CVE-2026-48574 | Windows Media Remote Code Execution Vulnerability | Critical |
| Windows Narrator Braille | CVE-2026-48565 | Windows Narrator Braille Elevation of Privilege Vulnerability | Important |
| Windows Network Controller (NC) Host Agent | CVE-2026-44805 | Windows Network Controller (NC) Host Agent Denial of Service Vulnerability | Important |
| Windows NT OS Kernel | CVE-2026-42980 | NT OS Kernel Elevation of Privilege Vulnerability | Important |
| Windows NT OS Kernel | CVE-2026-42916 | NT OS Kernel Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2026-45636 | Windows NTFS Remote Code Execution Vulnerability | Important |
| Windows NTLM | CVE-2026-50508 | Windows NTLM Spoofing Vulnerability | Important |
| Windows Performance Monitor | CVE-2026-42981 | Windows Performance Monitor Remote Code Execution Vulnerability | Important |
| Windows Performance Monitor | CVE-2026-42974 | Windows Performance Monitor Remote Code Execution Vulnerability | Important |
| Windows Program Compatibility Assistant Service | CVE-2026-45487 | Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability | Important |
| Windows Projected File System Filter Driver | CVE-2026-42828 | Windows Projected File System Elevation of Privilege Vulnerability | Important |
| Windows Projected File System Filter Driver | CVE-2026-42837 | Windows Projected File System Elevation of Privilege Vulnerability | Important |
| Windows Push Notifications | CVE-2026-42991 | Windows Push Notifications Elevation of Privilege Vulnerability | Important |
| Windows Push Notifications | CVE-2026-42977 | Windows Push Notifications Elevation of Privilege Vulnerability | Important |
| Windows Push Notifications | CVE-2026-42979 | Windows Push Notifications Elevation of Privilege Vulnerability | Important |
| Windows Push Notifications | CVE-2026-42978 | Windows Push Notifications Elevation of Privilege Vulnerability | Important |
| Windows Push Notifications | CVE-2026-42973 | Windows Push Notification Information Disclosure Vulnerability | Important |
| Windows Push Notifications | CVE-2026-42970 | Windows Push Notification Information Disclosure Vulnerability | Important |
| Windows Push Notifications | CVE-2026-42969 | Windows Push Notification Information Disclosure Vulnerability | Important |
| Windows Push Notifications | CVE-2026-42971 | Windows Push Notification Information Disclosure Vulnerability | Important |
| Windows RDP | CVE-2026-45639 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important |
| Windows RDP | CVE-2026-42908 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important |
| Windows SDK | CVE-2026-45593 | Windows SDK Elevation of Privilege Vulnerability | Important |
| Windows Secure Boot | CVE-2026-45588 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2026-45654 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2026-48570 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2026-48568 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2026-48575 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2026-48578 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2026-48573 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Secure Boot | CVE-2026-48576 | Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Shell | CVE-2026-42907 | Windows Shell Information Disclosure Vulnerability | Important |
| Windows Shell | CVE-2026-42906 | Windows Shell Information Disclosure Vulnerability | Important |
| Windows Storage | CVE-2026-47648 | Windows Storage Elevation of Privilege Vulnerability | Important |
| Windows TCP/IP | CVE-2026-42904 | Windows TCP/IP Elevation of Privilege Vulnerability | Important |
| Windows TCP/IP | CVE-2026-42915 | Windows TCP/IP Denial of Service Vulnerability | Important |
| Windows Telephony Service | CVE-2026-42968 | Windows Telephony Server Information Disclosure Vulnerability | Important |
| Windows Telephony Service | CVE-2026-42912 | Windows Telephony Service Elevation of Privilege Vulnerability | Important |
| Windows UEFI | CVE-2026-8863 | UEFI Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows UEFI | CVE-2026-45656 | UEFI Secure Boot Security Feature Bypass Vulnerability | Important |
| Windows Universal Disk Format File System Driver (UDFS) | CVE-2026-40404 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Important |
| Windows Universal Disk Format File System Driver (UDFS) | CVE-2026-40409 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability | Important |
| Windows Win32K – GRFX | CVE-2026-44812 | Windows Graphics Component Remote Code Execution Vulnerability | Critical |
| Windows Win32K – GRFX | CVE-2026-44803 | Windows Graphics Component Remote Code Execution Vulnerability | Critical |
| Winlogon | CVE-2026-42989 | Winlogon Elevation of Privilege Vulnerability | Important |
