CVE-2025-26686 Windows TCP/IP Remote Code Execution Vulnerability
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
CVE-2025-26682 ASP.NET Core and Visual Studio Denial of Service Vulnerability
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-27486 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
CVE-2025-26672 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-26628 Azure Local Cluster Information Disclosure Vulnerability
Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally.
CVE-2025-29820 Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-27744 Microsoft Office Elevation of Privilege Vulnerability
Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2025-26680 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
CVE-2025-24062 Microsoft DWM Core Library Elevation of Privilege Vulnerability
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
