NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-27925	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.	2026-04-14	6.5	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2026-27924	Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27923	Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27922	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27921	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate...	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27920	Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27919	Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27918	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate ...	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27917	Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27916	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27915	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27914	Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27913	Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.	2026-04-14	7.7	LOCAL	HIGH	NVD
CVE-2026-27912	Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.	2026-04-14	8.0	ADJACENT_NETWORK	HIGH	NVD
CVE-2026-27911	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attack...	2026-04-14	7.8	LOCAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.