NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-32077	Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-32076	Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-32075	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-32074	Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-32073	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-32072	Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.	2026-04-14	6.2	LOCAL	MEDIUM	NVD
CVE-2026-32071	Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.	2026-04-14	7.5	NETWORK	HIGH	NVD
CVE-2026-32070	Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-32069	Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-32068	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to e...	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27931	Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.	2026-04-14	5.5	LOCAL	MEDIUM	NVD
CVE-2026-27930	Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.	2026-04-14	5.5	LOCAL	MEDIUM	NVD
CVE-2026-27929	Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27928	Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.	2026-04-14	8.7	NETWORK	HIGH	NVD
CVE-2026-27927	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized atta...	2026-04-14	7.8	LOCAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.