📦

windows_11_26h1

Vendor: microsoft

Login to add this product to WatchStack
Actively Exploited 1 CISA KEV List
PoC / Exploits 14 Code Available
Total RCEs 16 Remote Access
Total CVEs 687 Total Indexed
Avg. EPSS 0.65% Exploit Prob.
Latest CVE CVE-2026-50507 Jun 09

Security Vulnerability Index

Page 30 / 69
7.0 CVSS
CVE-2026-25171

Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

EPSS: 0.27%
7.0 CVSS
CVE-2026-25170

Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

EPSS: 0.29%
6.2 CVSS
CVE-2026-25169

Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.

EPSS: 0.47%
6.2 CVSS
CVE-2026-25168

Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.

EPSS: 0.48%
7.4 CVSS
CVE-2026-25167

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

EPSS: 0.32%
7.8 CVSS
CVE-2026-25166
RCE

Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.

EPSS: 1.96%
7.8 CVSS
CVE-2026-25165

Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.

EPSS: 0.39%
7.0 CVSS
CVE-2026-24296

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

EPSS: 0.21%
7.0 CVSS
CVE-2026-24295

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

EPSS: 0.21%
7.8 CVSS
CVE-2026-24294
Exploit Found

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

EPSS: 2.73%