CVE-2026-20924 Windows Management Services Elevation of Privilege Vulnerability
Published January 14, 2026
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
Microsoft Security Response Center Blog Alerts
CVE-2026-20811 Win32k Elevation of Privilege Vulnerability
Published January 14, 2026
Access of resource using incompatible type (‘type confusion’) in Windows Win32K – ICOMP allows an authorized attacker to elevate privileges locally.
Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag
Published January 12, 2026
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
CVE-2025-37745 PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()
Published January 9, 2026
Information published.
CVE-2024-56782 ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()
Published January 9, 2026
Information published.
CVE-2024-56775 drm/amd/display: Fix handling of plane refcount
Published January 9, 2026
Information published.
CVE-2024-57804 scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
Published January 9, 2026
Information published.
CVE-2024-35794 dm-raid: really frozen sync_thread during suspend
Published January 9, 2026
Information published.
CVE-2024-42107 ice: Don't process extts if PTP is disabled
Published January 9, 2026
Information published.
CVE-2025-21732 RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error
Published January 9, 2026
Information published.
