Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-01-15
CVE-2026-20859 - Windows 11 Version 25H2 Plugin
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20859
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20858 - Windows 11 Version 25H2 Plugin
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20858
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20857 - Windows 11 Version 25H2 Plugin
Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20857
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20854 - Windows 11 Version 25H2 Plugin
Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20854
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20852 - Windows 11 Version 25H2 Plugin
Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20852
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20849 - Windows 11 Version 25H2 Plugin
Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20849
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20848 - Windows 11 Version 25H2 Plugin
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20848
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20853 - Windows 11 Version 25H2 Plugin
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20853
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20847 - Windows 11 Version 25H2 Plugin
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20847
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20851 - Windows 11 Version 25H2 Plugin
Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20851
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20843 - Windows 11 Version 25H2 Plugin
Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20843
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20840 - Windows 11 Version 25H2 Plugin
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20840
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20844 - Windows 11 Version 25H2 Plugin
Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20844
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20842 - Windows 11 Version 25H2 Plugin
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20842
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20839 - Windows 11 Version 25H2 Plugin
Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20839
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20838 - Windows 11 Version 25H2 Plugin
Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20838
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20837 - Windows 11 Version 25H2 Plugin
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20837
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20832 - Windows 11 Version 25H2 Plugin
Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability
PLUGIN
Windows 11 Version 25H2
CVE-2026-20832
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20836 - Windows 11 Version 25H2 Plugin
Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20836
Risk Score
Threat Entry
Updated 2026-01-15
CVE-2026-20835 - Windows 11 Version 25H2 Plugin
Out-of-bounds read in Capability Access Management Service (camsvc) allows an authorized attacker to disclose information locally.
PLUGIN
Windows 11 Version 25H2
CVE-2026-20835
Risk Score