Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total83
Critical0
High55
Medium28
Reset
Showing 1-20 of 83 records
Threat Entry Updated 2026-01-14

CVE-2026-21265 - Windows Server 2025 Plugin

Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to Windows boot manager or Secure Boot. The operating system’s certificate update protection mechanism relies on firmware components that might contain defects, which can cause certificate trust updates to fail or behave unpredictably. This leads to potential disruption of the Secure Boot trust chain and requires careful validation and…

PLUGIN Windows Server 2025

CVE-2026-21265

MEDIUM CVSS 6.4 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-16

CVE-2026-21221 - Windows Server 2025 Plugin

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.

PLUGIN Windows Server 2025

CVE-2026-21221

HIGH CVSS 7.0 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-16

CVE-2026-20934 - Windows Server 2025 Plugin

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

PLUGIN Windows Server 2025

CVE-2026-20934

HIGH CVSS 7.5 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-16

CVE-2026-20926 - Windows Server 2025 Plugin

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

PLUGIN Windows Server 2025

CVE-2026-20926

HIGH CVSS 7.5 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-16

CVE-2026-20927 - Windows Server 2025 Plugin

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.

PLUGIN Windows Server 2025

CVE-2026-20927

MEDIUM CVSS 5.3 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-15

CVE-2026-20921 - Windows Server 2025 Plugin

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

PLUGIN Windows Server 2025

CVE-2026-20921

HIGH CVSS 7.5 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-15

CVE-2026-20919 - Windows Server 2025 Plugin

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

PLUGIN Windows Server 2025

CVE-2026-20919

HIGH CVSS 7.5 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-15

CVE-2026-20918 - Windows Server 2025 Plugin

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

PLUGIN Windows Server 2025

CVE-2026-20918

HIGH CVSS 7.8 2026-01-13
Open Full Technical Breakdown
Scroll to top