NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-27910	Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27909	Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27908	Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27907	Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27906	Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.	2026-04-14	4.4	LOCAL	MEDIUM	NVD
CVE-2026-27303	Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code...	2026-04-14	9.6	NETWORK	CRITICAL	NVD
CVE-2026-27288	Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could e...	2026-04-14	5.4	NETWORK	MEDIUM	NVD
CVE-2026-27258	DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An atta...	2026-04-14	5.5	LOCAL	MEDIUM	NVD
CVE-2026-27246	Adobe Connect versions 2025.3, 12.10 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this ...	2026-04-14	9.3	NETWORK	CRITICAL	NVD
CVE-2026-27245	Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convi...	2026-04-14	9.3	NETWORK	CRITICAL	NVD
CVE-2026-27243	Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convi...	2026-04-14	9.3	NETWORK	CRITICAL	NVD
CVE-2026-26184	Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-26183	Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-26182	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-26181	Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.