CVE-2026-27917
7.0 HIGH 7.0Use after free in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) allows an authorized attacker to elevate privileges locally.
CVE Vulnerability Database
Complete database of CVE vulnerabilities. Track critical security threats, exploits and patches. Updated daily from NVD NIST.
CVE-2026-27916
7.8 HIGH 7.8Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-27915
7.8 HIGH 7.8Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-27914
7.8 HIGH 7.8Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.
Microsoft
Details
CVE-2026-27913
7.7 HIGH 7.7Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-27912
8.0 HIGH 8.0Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2026-27911
7.8 HIGH 7.8Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
Concurrent
Details
CVE-2026-27910
7.8 HIGH 7.8Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2026-27909
7.8 HIGH 7.8Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
Microsoft
Details
CVE-2026-27908
7.0 HIGH 7.0Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.
Statistics
Total
38636
Critical
3366
High
12549