📦

windows_11_26h1

Vendor: microsoft

Login to add this product to WatchStack
Actively Exploited 1 CISA KEV List
PoC / Exploits 14 Code Available
Total RCEs 16 Remote Access
Total CVEs 685 Total Indexed
Avg. EPSS 0.65% Exploit Prob.
Latest CVE CVE-2026-50507 Jun 09

Security Vulnerability Index

Page 27 / 69
7.0 CVSS
CVE-2026-26166

Double free in Windows Shell allows an authorized attacker to elevate privileges locally.

EPSS: 0.24%
7.0 CVSS
CVE-2026-26165

Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.

EPSS: 0.25%
7.8 CVSS
CVE-2026-26163

Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.

EPSS: 0.30%
7.8 CVSS
CVE-2026-26162

Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally.

EPSS: 0.30%
7.8 CVSS
CVE-2026-26161

Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.

EPSS: 0.30%
7.8 CVSS
CVE-2026-26160

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

EPSS: 0.27%
7.8 CVSS
CVE-2026-26159

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

EPSS: 0.26%
7.8 CVSS
CVE-2026-26156

Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.

EPSS: 0.41%
6.5 CVSS
CVE-2026-26155

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

EPSS: 0.89%
7.8 CVSS
CVE-2026-26153

Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.

EPSS: 0.29%