NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-27929	Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27928	Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.	2026-04-14	8.7	NETWORK	HIGH	NVD
CVE-2026-27927	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized atta...	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27926	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Cloud Files Mini Filter Driver allows an author...	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27925	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.	2026-04-14	6.5	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2026-27924	Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27923	Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27922	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27921	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate...	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27920	Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27919	Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27918	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate ...	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27917	Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.	2026-04-14	7.0	LOCAL	HIGH	NVD
CVE-2026-27916	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD
CVE-2026-27915	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.	2026-04-14	7.8	LOCAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.