📦

windows_11_26h1

Vendor: microsoft

Actively Exploited 1 CISA KEV List

PoC / Exploits 14 Code Available

Total RCEs 16 Remote Access

Total CVEs 685 Total Indexed

Avg. EPSS 0.65% Exploit Prob.

Latest CVE CVE-2026-50507 Jun 09

Security Vulnerability Index

Page 28 / 69

7.0 CVSS

CVE-2026-26152

Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

EPSS: 0.23%

Severity: HIGH

Apr 14, 2026

7.1 CVSS

CVE-2026-26151

Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network.

EPSS: 0.83%

Severity: HIGH

Apr 14, 2026

7.0 CVSS

CVE-2026-25184

Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.

EPSS: 0.18%

Severity: HIGH

Apr 14, 2026

5.7 CVSS

CVE-2026-23670

Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

EPSS: 0.26%

Severity: MEDIUM

Apr 14, 2026

4.6 CVSS

CVE-2026-20928

Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.

EPSS: 0.43%

Severity: MEDIUM

Apr 14, 2026

5.5 CVSS

CVE-2026-20806

Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.

EPSS: 0.34%

Severity: MEDIUM

Apr 14, 2026

0.0 CVSS

CVE-2026-26132

EPSS: 0.00%

Severity:

Jan 01, 0001

Displaying 7 of 685 Total Entries

26 27 28 29 30 ... 69

Total 69 Sections