Known Vulnerabilities for Windows by Microsoft Corporation
Listed below are 10 of the newest known vulnerabilities associated with "Windows" by "Microsoft Corporation".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59998 json | sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the ser... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-58640 json | Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-58638 json | Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally. | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-58637 json | Use after free in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-58635 json | Improper neutralization of special elements used in a command ('command injection') in Windows Narrator Braille allows an aut... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-58632 json | Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-58631 json | Improper authorization in Windows Admin Center allows an authorized attacker to execute code locally. | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-58629 json | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-58628 json | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Wireless Networking al... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-58627 json | Uncontrolled resource consumption in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | Not Provided | 2026-07-14 | 2026-07-14 |