CVE-2026-26134
Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2026-25180
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.
CVE-2026-24285
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
CVE-2026-20943
Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-60724
Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
CVE-2025-53799
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
CVE-2025-53766
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
CVE-2025-53732
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-30388
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2025-29822
Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-27744
Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2025-26687
Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-21402
Microsoft Office OneNote Remote Code Execution Vulnerability
CVE-2025-21361
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2025-21338
GDI+ Remote Code Execution Vulnerability