CVE-2026-20943 Microsoft Office Click-To-Run Remote Code Execution Vulnerability
Published January 21, 2026
Updated FAQ information. This is an informational change only.
Microsoft Security Response Center Blog Alerts
CVE-2026-20818 Windows Kernel Information Disclosure Vulnerability
Published January 21, 2026
Updated the build numbers. This is an informational update only.
CVE-2026-20848 Windows SMB Server Elevation of Privilege Vulnerability
Published January 21, 2026
Updated the build numbers. This is an informational update only.
CVE-2026-21221 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Published January 21, 2026
Updated the build numbers. This is an informational update only.
CVE-2026-20830 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
Published January 21, 2026
Updated the build numbers. This is an informational update only.
Chromium: CVE-2026-0905 Insufficient policy enforcement in Network
Published January 16, 2026
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
Chromium: CVE-2026-0906 Incorrect security UI
Published January 16, 2026
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
Chromium: CVE-2026-0904 Incorrect security UI in Digital Credentials
Published January 16, 2026
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
Chromium: CVE-2026-0903 Insufficient validation of untrusted input in Downloads
Published January 16, 2026
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
Chromium: CVE-2026-0902 Inappropriate implementation in V8
Published January 16, 2026
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
