Autor: Peter Leibling

CVE-2026-32200 Microsoft PowerPoint Remote Code Execution Vulnerability

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2026-32176 SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command (’sql injection‘) in SQL Server allows an authorized attacker to elevate privileges locally.

CVE-2026-32162 Windows COM Elevation of Privilege Vulnerability

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

CVE-2026-32072 Active Directory Spoofing Vulnerability

Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.

CVE-2026-32223 Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.

CVE-2026-32150 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

CVE-2026-32163 Windows User Interface Core Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization (‚race condition‘) in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

CVE-2026-33822 Microsoft Word Information Disclosure Vulnerability

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVE-2026-32078 Windows Projected File System Elevation of Privilege Vulnerability

Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

CVE-2026-26160 Remote Desktop Licensing Service Elevation of Privilege Vulnerability

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.