Author: Peter Leibling

CVE-2026-25187 Winlogon Elevation of Privilege Vulnerability

Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

CVE-2026-25185 Windows Shell Link Processing Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-26115 SQL Server Elevation of Privilege Vulnerability

Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-24297 Windows Kerberos Security Feature Bypass Vulnerability

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-23674 MapUrlToZone Security Feature Bypass Vulnerability

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-25190 GDI Remote Code Execution Vulnerability

Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.

CVE-2026-26112 Microsoft Excel Remote Code Execution Vulnerability

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-26113 Microsoft Office Remote Code Execution Vulnerability

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.

[NEW] [low] Linux Kernel: Vulnerability allows Denial of Service

A local attacker can exploit a vulnerability in the Linux kernel to carry out a denial-of-service attack.