
June Patch Tuesday smashes past 500-CVE mark

209 patches + 388 advisories = welcome to summer 2026

You didn’t have any other work plans in June, did you? Microsoft on Tuesday released 209 patches affecting 24 product families. Thirty-eight of the addressed issues are considered by Microsoft to be of Critical severity, and 16 of those are expected to be exploited within the next 30 days. An additional CVE, related to the Chaotic Eclipse (aka Nightmare Eclipse) disclosures of the previous weeks, already is. Forty-two have a CVSS base score of 8.0 or higher. Four were publicly disclosed as of release day and just one is acknowledged to be under active exploit in the wild. The numbers in the previous sentence are somewhat confusing in light of (again) the Chaotic Eclipse affair, as we’ll discuss further below.

If the patch count sounds daunting, try the advisory count – 388 of them. As ever, the majority are Edge-related, assigned by Chrome, and patched days in advance of Patch Tuesday. Twenty-three, affecting Adobe Reader and ColdFusion, were issued by Adobe. Two more affect Windows but were issued by CNAs other than Microsoft (specifically, CERT/CC and Arm Limited). As always, we cover all advisories in Appendix D.

Various of this month’s issues are amenable to direct detection by Sophos protections, and we include information on those in the usual table below. These protections include a variety of items targeting the ongoing Chaotic Eclipse vulnerabilities – and, because that situation is volatile as of this writing, we caution that the list in that Sophos Protections section may not reflect all protections we are delivering to customers. 

We are as always including at the end of this post appendices listing all Microsoft’s patches sorted by severity (Appendix A), by predicted exploitability timeline and CVSS Base score (Appendix B), and by product family (Appendix C). Appendix D lists this month’s advisories. Appendix E provides a breakout of 114 CVEs affecting various versions of Windows Server, including one advisory from CERT/CC that is otherwise not counted in the patch totals for the month. Our analysis of CWE (Common Weakness Enumeration) information made available for this month’s patches appears in Appendix F.

By the numbers

  • Total CVEs: 209
  • Publicly disclosed: 4
  • Exploit detected: 1
  • Severity
    • Critical: 38
    • Important: 172
  • Impact:
    • Denial of Service: 7
    • Elevation of Privilege: 68
    • Information Disclosure: 30
    • Remote Code Execution: 55
    • Spoofing: 27
    • Security Feature Bypass: 19
    • Tampering: 3
  • CVSS base score 9.0 or greater: 10
  • CVSS base score 8.0 or greater: 42


Figure 1: Amid the chaos of June’s Patch Tuesday, Security Feature Bypass and Spoofing are having a moment, while Denial of Service continues to lag

Products

  • .NET: 3
  • ASP.NET: 1
  • 365: 29
  • Azure: 5
  • Bing Search for Android: 1
  • Defender: 1
  • Dynamics 365: 1
  • Edge / Copilot Chat: 1
  • Excel: 10
  • Exchange: 8
  • Live Share Canvas SDK: 1
  • Microsoft Graph: 1
  • MMPC*: 1
  • Nuance PowerScribe: 1
  • Office: 28
  • PC Manager: 3
  • PowerPoint: 3
  • PowerToys: 1
  • SharePoint: 30
  • Teams for Android: 1
  • Visual Studio: 8
  • Windows: 119
  • Windows Narrator Braille: 1
  • Word: 10

* It is unclear from context why this CVE is assigned to MMPC rather than Defender, but we leave it as presented to us.

As is our custom for this list, CVEs that apply to more than one product family are counted once for each family they affect. We note, by the way, that CVE names don’t always reflect affected product families closely. In particular, some CVE names in the Office family may mention products that don’t appear in the list of products affected by the CVE, and vice versa.


Figure 2: Twenty-four families show up in June’s Patch Tuesday count, including some unusual sightings such as Windows Narrator Braille, which users can easily patch by updating the feature through the Settings → Accessibility → Narrator → Use Braille display → Download BRLTTY menu. Windows, of course, continues to run the game.


Figure 3: We are halfway through the year, three months (more or less) into the AI Bug-Hunting Era, and dangerously low on colored pixels with which to make this chart

Notable June updates

In addition to the issues discussed above, a few items merit general attention. 

CVE-2020-17103 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2026-41091 – Microsoft Defender Elevation of Privilege Vulnerability
CVE-2026-45585 – Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-45586 – Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability

Microsoft connects these four CVEs to specific items disclosed by the Chaotic Eclipse researcher earlier this month – respectively, these touch MiniPlasma, RedSun, YellowKey, and GreenPlasma. All are Important-severity issues, and Microsoft judges two of them (CVE-2026-45585, CVE-2026-45586) as more likely to be exploited within the next 30 days; in fact, CVE-2026-45585 is already known to be exploited in the wild. Sharp eyes will notice that one of these bugs is much, much, much older than the others – CVE-2020-17103 was indeed patched back in December 2020 after a responsible disclosure by Google Project Zero’s James Forshaw. To address issues recently uncovered in that patch, Microsoft recommends applying the new update – but will continue to credit Forshaw with the original find.

CVE-2026-44812 – Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-45456 – Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45458 – Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45460 – Microsoft Office Information Disclosure Vulnerability
CVE-2026-45461 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45463 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45472 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45474 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-47635 – Microsoft Outlook and Word Remote Code Execution Vulnerability

All nine of these CVEs have a working vector in Preview Pane and should thus be prioritized – but one of them is unusual. CVE-2026-44812 (more about this one in a minute) can be triggered by viewing in the File Explorer Preview Pane rather than the usual Outlook. All are Critical-severity, but only CVE-2026-44812 is predicted to be exploited in the next 30 days. Speaking of that CVE…

CVE-2026-44803 – Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44812 – Windows Graphics Component Remote Code Execution Vulnerability

Here’s something else you don’t see every month: A CVE that affects both Windows itself and various Office components – Excel, PowerPoint, Word. (And now the File Explorer aspect of CVE-2026-44812 makes more sense, right?) These are both Critical-severity integer overflow / wraparound bugs that Microsoft deems more likely to be exploited within the next 30 days, so they’re worth prioritizing.

28 CVEs – Exchange and SharePoint issues

Two of the toughest Microsoft products to update are, as many observers know, usually managed in groups during what we used to know as “quieter” months, unless of course something was on fire. In 2026, the largest CVE release in history includes over two dozen patches for Exchange or SharePoint. The good news, if there is any, is that only two of the SharePoint issues (CVE-2026-45456, CVE-2026-45458) are Critical-severity, and only two of the Exchange issues (CVE-2026-45481, CVE-2026-47634) are judged by Microsoft as more likely to be exploited within the next 30 days. It’s something at least.

CVE-2026-41092 – Microsoft Kinect Elevation of Privilege Vulnerability

With a CVSS base score of 7.8 and a ruling that it’s less likely to be exploited in the next 30 days, this patch, which affects all supported Windows client and server versions, probably won’t trouble your sleep – but it may make you nostalgic for your ancient Kinect games.

Sophos protections

| CVE | Sophos Intercept X/Endpoint IPS | Sophos XGS Firewall |
|---|---|---|
| CVE-2020-17103 | Troj/MiPlasma-A | Troj/MiPlasma-A |
| CVE-2026-41091 | ATK/RedSun-A | ATK/RedSun-A |
| CVE-2026-42791 | sid:2312591, sid:2312588 | sid:2312591, sid:2312588 |
| CVE-2026-42905 | Exp/2642905-A | Exp/2642905-A |
| CVE-2026-42980 | Exp/2642980-A | Exp/2642980-A |
| CVE-2026-42986 | Exp/2642986-A | Exp/2642986-A |
| CVE-2026-42989 | Exp/2642989-A | Exp/2642989-A |
| CVE-2026-45585 | Troj/YellowKy-A | Troj/YellowKy-A |
| CVE-2026-45586 | Exp/2645586-A, Troj/GrPlasma-A | Exp/2645586-A, Troj/GrPlasma-A |
| CVE-2026-49160 | Exp/2649160-A | Exp/2649160-A |

As noted above, we caution readers that due to volatility around certain disclosure-related issues, the table above may or may not reflect all protections currently in place.

As you can every month, if you don’t want to wait for your system to pull down Microsoft’s updates itself, you can download them manually from the Windows Update Catalog website. Run the winver.exe tool to determine which build of Windows you’re running, then download the Cumulative Update package for your specific system’s architecture and build number.
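A scripted equivalent of the winver.exe check described above, for when build and architecture have to be collected from more than one machine. This is an added example, not code from Sophos or Microsoft; the function name Get-PatchTargetInfo and its -TargetUbr parameter are hypothetical, and the registry values read here (DisplayVersion, CurrentBuild, UBR) correspond to the Version and OS Build that winver displays.

```powershell
# Added example (not from the original post): gather the facts needed to pick
# the right Cumulative Update package, and optionally confirm it has landed.
function Get-PatchTargetInfo {
    param(
        # Hypothetical parameter: the build revision (the number after the dot
        # in "OS Build") published for the update you intend to install.
        # 0 means "do not compare".
        [int]$TargetUbr = 0
    )

    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'

    # A 32-bit PowerShell host on a 64-bit OS reports x86 in
    # PROCESSOR_ARCHITECTURE; the real value is then in PROCESSOR_ARCHITEW6432.
    $procArch = if ($env:PROCESSOR_ARCHITEW6432) { $env:PROCESSOR_ARCHITEW6432 }
                else { $env:PROCESSOR_ARCHITECTURE }
    $archMap  = @{ 'AMD64' = 'x64'; 'ARM64' = 'arm64'; 'x86' = 'x86' }
    $arch     = if ($archMap.ContainsKey($procArch)) { $archMap[$procArch] }
                else { $procArch }

    # Most recently installed updates, to compare against the KB being applied.
    # InstalledOn can be empty on some systems, so filter before sorting.
    $recent = Get-HotFix |
        Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 3

    $ubr = [int]$cv.UBR
    $status = if ($TargetUbr -le 0)        { 'NotChecked' }
              elseif ($ubr -ge $TargetUbr) { 'AtOrAboveTarget' }
              else                         { 'BelowTarget' }

    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        Version       = $cv.DisplayVersion                 # "Version" in winver
        OSBuild       = '{0}.{1}' -f $cv.CurrentBuild, $ubr # "OS Build" in winver
        Architecture  = $arch                              # package architecture
        RecentUpdates = ($recent.HotFixID -join ', ')
        PatchStatus   = $status
    }
}

# Report only:
Get-PatchTargetInfo | Format-List

# Compare against a build revision taken from the update's own documentation.
# 9999 is a placeholder, not a real June 2026 value.
Get-PatchTargetInfo -TargetUbr 9999 | Format-List
```

Run the same function after the reboot that follows installation; a PatchStatus of BelowTarget at that point means the package did not match the machine's build or architecture.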

Appendix A: Vulnerability Impact and Severity

This is a list of June patches sorted by impact, then sub-sorted by severity. Each list is further arranged by CVE.

Elevation of Privilege (68 CVEs)

Critical severity
CVE-2026-33828 – Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability
CVE-2026-44810 – Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2026-48567 – Azure HorizonDB Elevation of Privilege Vulnerability
Important severity
CVE-2020-17103 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2026-34335 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-40371 – Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
CVE-2026-40376 – Visual Studio Code Elevation of Privilege Vulnerability
CVE-2026-40404 – Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-40409 – Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-41091 – Microsoft Defender Elevation of Privilege Vulnerability
CVE-2026-41092 – Microsoft Kinect Elevation of Privilege Vulnerability
CVE-2026-41108 – Windows DNS Client Elevation of Privilege Vulnerability
CVE-2026-42828 – Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-42836 – Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVE-2026-42837 – Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-42902 – Microsoft PowerToys Elevation of Privilege Vulnerability
CVE-2026-42904 – Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-42905 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-42910 – Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability
CVE-2026-42911 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-42912 – Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-42916 – NT OS Kernel Elevation of Privilege Vulnerability
CVE-2026-42977 – Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42978 – Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42979 – Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42980 – NT OS Kernel Elevation of Privilege Vulnerability
CVE-2026-42983 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-42984 – Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-42986 – Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2026-42989 – Winlogon Elevation of Privilege Vulnerability
CVE-2026-42991 – Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-44802 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44804 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44807 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44808 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44809 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2026-44811 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44813 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-45476 – Microsoft Azure Network Adapter Elevation of Privilege Vulnerability
CVE-2026-45484 – Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2026-45487 – Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability
CVE-2026-45490 – .NET SDK Elevation of Privilege Vulnerability
CVE-2026-45504 – Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2026-45586 – Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability
CVE-2026-45592 – Windows Internet (wininet.dll) Elevation of Privilege Vulnerability
CVE-2026-45593 – Windows SDK Elevation of Privilege Vulnerability
CVE-2026-45596 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45597 – Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability
CVE-2026-45598 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45600 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2026-45601 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45603 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45605 – Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2026-45637 – Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-45638 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45640 – Windows Bluetooth Port Driver Elevation of Privilege Vulnerability
CVE-2026-45644 – Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability
CVE-2026-45647 – Microsoft Defender Elevation of Privilege Vulnerability
CVE-2026-45653 – Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-47281 – Visual Studio Code Elevation of Privilege Vulnerability
CVE-2026-47292 – Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability
CVE-2026-47293 – Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
CVE-2026-47648 – Windows Storage Elevation of Privilege Vulnerability
CVE-2026-48565 – Windows Narrator Braille Elevation of Privilege Vulnerability
CVE-2026-48578 – Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48583 – Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-50511 – Microsoft PC Manager Elevation of Privilege Vulnerability
CVE-2026-50512 – Microsoft PC Manager Elevation of Privilege Vulnerability

Remote Code Execution (55 CVEs)

Critical severity
CVE-2026-26142 – Nuance PowerScribe Remote Code Execution Vulnerability
CVE-2026-32193 – Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability
CVE-2026-42985 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42987 – Windows Deployment Services (WDS) Remote Code Execution
CVE-2026-42992 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44799 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44801 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44803 – Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44812 – Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44815 – DHCP Client Service Remote Code Execution Vulnerability
CVE-2026-45456 – Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45458 – Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45461 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45463 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45472 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45474 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45497 – Microsoft M365 Copilot Remote Code Execution Vulnerability
CVE-2026-45607 – Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-45641 – Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-45648 – Windows Active Directory Domain Services Remote Code Execution Vulnerability
CVE-2026-45657 – Windows Kernel Remote Code Execution Vulnerability
CVE-2026-47288 – Windows Kerberos Key Distribution Center (KDC) Remote Code Execution
CVE-2026-47289 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-47291 – HTTP.sys Remote Code Execution Vulnerability
CVE-2026-47635 – Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-47652 – Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-47654 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-48563 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-48574 – Windows Media Remote Code Execution Vulnerability
Important severity
CVE-2026-42909 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42913 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42974 – Windows Performance Monitor Remote Code Execution Vulnerability
CVE-2026-42981 – Windows Performance Monitor Remote Code Execution Vulnerability
CVE-2026-42993 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44817 – Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44818 – Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44819 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-44820 – Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44823 – Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44824 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45454 – Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2026-45457 – Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45469 – Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-45471 – Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45475 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45486 – Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45583 – Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2026-45599 – Windows UPnP Device Host Remote Code Execution Vulnerability
CVE-2026-45635 – Windows UPnP Device Host Remote Code Execution Vulnerability
CVE-2026-45636 – Windows NTFS Remote Code Execution Vulnerability
CVE-2026-45643 – Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45645 – Microsoft Office Remote Code Execution Vulnerability
CVE-2026-47298 – Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2026-47643 – Azure Stack Edge Remote Code Execution Vulnerability
CVE-2026-47653 – Remote Desktop Client Remote Code Execution Vulnerability

Information Disclosure (30 CVEs)

Critical severity
CVE-2026-42824 – M365 Copilot Information Disclosure Vulnerability
CVE-2026-45460 – Microsoft Office Information Disclosure Vulnerability
CVE-2026-47644 – Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
CVE-2026-47655 – Microsoft Graph Information Disclosure Vulnerability
CVE-2026-48579 – Microsoft Exchange Online Information Disclosure Vulnerability
Important severity
CVE-2026-42835 – Microsoft Teams for Android Information Disclosure Vulnerability
CVE-2026-42906 – Windows Shell Information Disclosure Vulnerability
CVE-2026-42907 – Windows Shell Information Disclosure Vulnerability
CVE-2026-42908 – Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2026-42968 – Windows Telephony Server Information Disclosure Vulnerability
CVE-2026-42969 – Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42970 – Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42971 – Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42972 – Windows Hyper-V Information Disclosure Vulnerability
CVE-2026-42973 – Windows Push Notification Information Disclosure Vulnerability
CVE-2026-44814 – Windows DWM Core Library Information Disclosure Vulnerability
CVE-2026-44821 – Microsoft Word Information Disclosure Vulnerability
CVE-2026-44822 – Microsoft Excel Information Disclosure Vulnerability
CVE-2026-45455 – Microsoft Excel Information Disclosure Vulnerability
CVE-2026-45466 – Microsoft Word Information Disclosure Vulnerability
CVE-2026-45485 – Microsoft Word Information Disclosure Vulnerability
CVE-2026-45502 – Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2026-45503 – Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2026-45594 – Windows Application Identity (AppID) Information Disclosure Vulnerability
CVE-2026-45604 – Windows Managed Installer Information Disclosure Vulnerability
CVE-2026-45608 – Windows DHCP Client Information Disclosure Vulnerability
CVE-2026-45634 – Windows DHCP Client Information Disclosure Vulnerability
CVE-2026-45639 – Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2026-47284 – Visual Studio Code Information Disclosure Vulnerability
CVE-2026-48566 – Windows DWM Core Library Information Disclosure Vulnerability

Spoofing (27 CVEs)

Important severity
CVE-2026-33113 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-41098 – Azure Stack Edge Spoofing Vulnerability
CVE-2026-45453 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45462 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45464 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45465 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45467 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45468 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45479 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45481 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45483 – Microsoft Office Project Server Spoofing Vulnerability
CVE-2026-45500 – Microsoft Exchange Server Spoofing Vulnerability
CVE-2026-45501 – Microsoft Exchange Server Spoofing Vulnerability
CVE-2026-45642 – Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability
CVE-2026-45649 – Office for Android Spoofing Vulnerability
CVE-2026-45650 – Microsoft Bing Search Spoofing Vulnerability
CVE-2026-47631 – Microsoft Exchange Server Spoofing Vulnerability
CVE-2026-47634 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47636 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47637 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47638 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47639 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47640 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47641 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-48560 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-48562 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-50508 – Windows NTLM Spoofing Vulnerability

Security Feature Bypass (19 CVEs)

Important severity
CVE-2026-42829 – Windows Administrator Protection Secure Feature Bypass Vulnerability
CVE-2026-45459 – Microsoft Excel Security Feature Bypass Vulnerability
CVE-2026-45482 – Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
CVE-2026-45585 – Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-45588 – Secure Boot Security Feature Bypass Vulnerability
CVE-2026-45595 – Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2026-45654 – Secure Boot Security Feature Bypass Vulnerability
CVE-2026-45655 – Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-45656 – UEFI Secure Boot Security Feature Bypass Vulnerability
CVE-2026-45658 – Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-47656 – Windows Boot Manager Security Feature Bypass Vulnerability
CVE-2026-48568 – Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48569 – Visual Studio Code Security Feature Bypass Vulnerability
CVE-2026-48570 – Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48573 – Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48575 – Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48576 – Secure Boot Security Feature Bypass Vulnerability
CVE-2026-49161 – Microsoft PC Manager Security Feature Bypass Vulnerability
CVE-2026-50507 – Windows BitLocker Security Feature Bypass Vulnerability

Denial of Service (7 CVEs)

Important severity
CVE-2026-42903 – Windows Kerberos Denial of Service Vulnerability
CVE-2026-42914 – Windows Kerberos Denial of Service Vulnerability
CVE-2026-42915 – Windows TCP/IP Denial of Service Vulnerability
CVE-2026-44805 – Windows Network Controller (NC) Host Agent Denial of Service Vulnerability
CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability
CVE-2026-45606 – Microsoft UxTheme Library (uxtheme.dll) Denial of Service Vulnerability
CVE-2026-49160 – HTTP.sys Denial of Service Vulnerability

Tampering (3 CVEs)

Important severity
CVE-2026-45491 – .NET Tampering Vulnerability
CVE-2026-45602 – Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability
CVE-2026-47287 – Visual Studio Code Tampering Vulnerability

Appendix B: Exploitability and CVSS

This is a list of the 16 June CVEs judged by Microsoft to be more likely to be exploited in the wild within the first 30 days post-release, as well as the single CVE acknowledged as already under attack. The list is arranged by CVE.

Exploitation detected
CVE-2026-41091 – Microsoft Defender Elevation of Privilege Vulnerability
Exploitation more likely in the next 30 days
CVE-2026-42905 – Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-42980 – NT OS Kernel Elevation of Privilege Vulnerability
CVE-2026-42985 – Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42986 – Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2026-42989 – Winlogon Elevation of Privilege Vulnerability
CVE-2026-44803 – Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44812 – Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-45481 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45585 – Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-45586 – Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability
CVE-2026-45658 – Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-47291 – HTTP.sys Remote Code Execution Vulnerability
CVE-2026-47634 – Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-49160 – HTTP.sys Denial of Service Vulnerability
CVE-2026-50507 – Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-50508 – Windows NTLM Spoofing Vulnerability

These are the June CVEs with a Microsoft-assessed CVSS Base score of 8.0 or higher. They are arranged by score and further sorted by CVE. (Please note that the 10.0-scored Azure issue noted below has already been mitigated; no action is necessary and we have chosen not to give it further space in this very long writeup.) For more information on how CVSS works, please see our series on patch prioritization schema.

| CVSS Base | CVSS Temporal | CVE | Title |
|---|---|---|---|
| 10.0 | 8.7 | CVE-2026-48567 | Azure HorizonDB Elevation of Privilege Vulnerability |
| 9.8 | 8.5 | CVE-2026-26142 | Nuance PowerScribe Remote Code Execution Vulnerability |
| 9.8 | 8.5 | CVE-2026-44815 | DHCP Client Service Remote Code Execution Vulnerability |
| 9.8 | 8.5 | CVE-2026-45657 | Windows Kernel Remote Code Execution Vulnerability |
| 9.8 | 8.5 | CVE-2026-47291 | HTTP.sys Remote Code Execution Vulnerability |
| 9.8 | 8.5 | CVE-2026-47643 | Azure Stack Edge Remote Code Execution Vulnerability |
| 9.6 | 8.3 | CVE-2026-42904 | Windows TCP/IP Elevation of Privilege Vulnerability |
| 9.6 | 8.3 | CVE-2026-47281 | Visual Studio Code Elevation of Privilege Vulnerability |
| 9.1 | 7.9 | CVE-2026-45602 | Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability |
| 9.1 | 7.9 | CVE-2026-48579 | Microsoft Exchange Online Information Disclosure Vulnerability |
| 8.8 | 7.7 | CVE-2026-32193 | Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2026-40371 | Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2026-42985 | Remote Desktop Client Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2026-45484 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2026-45504 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2026-45648 | Windows Active Directory Domain Services Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2026-47289 | Remote Desktop Client Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2026-47653 | Remote Desktop Client Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2026-41098 | Azure Stack Edge Spoofing Vulnerability |
| 8.4 | 7.3 | CVE-2026-44810 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
| 8.4 | 7.3 | CVE-2026-45456 | Microsoft Outlook and Word Remote Code Execution Vulnerability |
| 8.4 | 7.8 | CVE-2026-45458 | Microsoft Outlook and Word Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2026-45461 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2026-45463 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2026-45472 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2026-45474 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2026-45482 | Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability |
| 8.4 | 7.3 | CVE-2026-45607 | Windows Hyper-V Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2026-45641 | Windows Hyper-V Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2026-47635 | Microsoft Outlook and Word Remote Code Execution Vulnerability |
| 8.2 | 7.1 | CVE-2026-44822 | Microsoft Excel Information Disclosure Vulnerability |
| 8.2 | 7.1 | CVE-2026-45476 | Microsoft Azure Network Adapter Elevation of Privilege Vulnerability |
| 8.2 | 7.1 | CVE-2026-47652 | Windows Hyper-V Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2026-42835 | Microsoft Teams for Android Information Disclosure Vulnerability |
| 8.1 | 7.1 | CVE-2026-42974 | Windows Performance Monitor Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2026-42981 | Windows Performance Monitor Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2026-42987 | Windows Deployment Services (WDS) Remote Code Execution |
| 8.1 | 7.1 | CVE-2026-45503 | Microsoft Exchange Server Information Disclosure Vulnerability |
| 8.1 | 7.1 | CVE-2026-45599 | Windows UPnP Device Host Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2026-45635 | Windows UPnP Device Host Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2026-47631 | Microsoft Exchange Server Spoofing Vulnerability |
| 8.0 | 7.0 | CVE-2026-45644 | Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability |
| 8.0 | 7.0 | CVE-2026-47298 | Microsoft SharePoint Server Remote Code Execution Vulnerability |

Appendix C: Products Affected

This is a list of June’s patches sorted by product family, then sub-sorted by severity. Each list is further arranged by CVE. Patches that are shared among multiple product families are listed multiple times, once for each product family. All CVE titles are accurate as made available by Microsoft. For further information on why certain products may appear in titles and not product families (or vice versa), please consult Microsoft.

Windows (119 CVEs)

Critical severity
CVE-2026-33828 | Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability
CVE-2026-42985 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42987 | Windows Deployment Services (WDS) Remote Code Execution
CVE-2026-42992 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44799 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44801 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44803 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44810 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2026-44812 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44815 | DHCP Client Service Remote Code Execution Vulnerability
CVE-2026-45607 | Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-45641 | Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-45648 | Windows Active Directory Domain Services Remote Code Execution Vulnerability
CVE-2026-45657 | Windows Kernel Remote Code Execution Vulnerability
CVE-2026-47288 | Windows Kerberos Key Distribution Center (KDC) Remote Code Execution
CVE-2026-47289 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-47291 | HTTP.sys Remote Code Execution Vulnerability
CVE-2026-47652 | Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-47654 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-48563 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-48574 | Windows Media Remote Code Execution Vulnerability
Important severity
CVE-2020-17103 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2026-34335 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-40404 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-40409 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-41092 | Microsoft Kinect Elevation of Privilege Vulnerability
CVE-2026-41108 | Windows DNS Client Elevation of Privilege Vulnerability
CVE-2026-42828 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-42829 | Windows Administrator Protection Secure Feature Bypass Vulnerability
CVE-2026-42836 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVE-2026-42837 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-42903 | Windows Kerberos Denial of Service Vulnerability
CVE-2026-42904 | Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-42905 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-42906 | Windows Shell Information Disclosure Vulnerability
CVE-2026-42907 | Windows Shell Information Disclosure Vulnerability
CVE-2026-42908 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2026-42909 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42910 | Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability
CVE-2026-42911 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-42912 | Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-42913 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42914 | Windows Kerberos Denial of Service Vulnerability
CVE-2026-42915 | Windows TCP/IP Denial of Service Vulnerability
CVE-2026-42916 | NT OS Kernel Elevation of Privilege Vulnerability
CVE-2026-42968 | Windows Telephony Server Information Disclosure Vulnerability
CVE-2026-42969 | Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42970 | Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42971 | Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42972 | Windows Hyper-V Information Disclosure Vulnerability
CVE-2026-42973 | Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42974 | Windows Performance Monitor Remote Code Execution Vulnerability
CVE-2026-42977 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42978 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42979 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42980 | NT OS Kernel Elevation of Privilege Vulnerability
CVE-2026-42981 | Windows Performance Monitor Remote Code Execution Vulnerability
CVE-2026-42983 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-42984 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-42986 | Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2026-42989 | Winlogon Elevation of Privilege Vulnerability
CVE-2026-42991 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42993 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44802 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44804 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44805 | Windows Network Controller (NC) Host Agent Denial of Service Vulnerability
CVE-2026-44807 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44808 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44809 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2026-44811 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44813 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44814 | Windows DWM Core Library Information Disclosure Vulnerability
CVE-2026-45487 | Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability
CVE-2026-45585 | Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-45586 | Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability
CVE-2026-45588 | Secure Boot Security Feature Bypass Vulnerability
CVE-2026-45592 | Windows Internet (wininet.dll) Elevation of Privilege Vulnerability
CVE-2026-45593 | Windows SDK Elevation of Privilege Vulnerability
CVE-2026-45594 | Windows Application Identity (AppID) Information Disclosure Vulnerability
CVE-2026-45595 | Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2026-45596 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45597 | Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability
CVE-2026-45598 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45599 | Windows UPnP Device Host Remote Code Execution Vulnerability
CVE-2026-45600 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2026-45601 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45602 | Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability
CVE-2026-45603 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45604 | Windows Managed Installer Information Disclosure Vulnerability
CVE-2026-45605 | Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2026-45606 | Microsoft UxTheme Library (uxtheme.dll) Denial of Service Vulnerability
CVE-2026-45608 | Windows DHCP Client Information Disclosure Vulnerability
CVE-2026-45634 | Windows DHCP Client Information Disclosure Vulnerability
CVE-2026-45635 | Windows UPnP Device Host Remote Code Execution Vulnerability
CVE-2026-45636 | Windows NTFS Remote Code Execution Vulnerability
CVE-2026-45637 | Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-45638 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-45639 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2026-45640 | Windows Bluetooth Port Driver Elevation of Privilege Vulnerability
CVE-2026-45642 | Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability
CVE-2026-45653 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-45654 | Secure Boot Security Feature Bypass Vulnerability
CVE-2026-45655 | Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-45656 | UEFI Secure Boot Security Feature Bypass Vulnerability
CVE-2026-45658 | Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-47648 | Windows Storage Elevation of Privilege Vulnerability
CVE-2026-47653 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-47656 | Windows Boot Manager Security Feature Bypass Vulnerability
CVE-2026-48566 | Windows DWM Core Library Information Disclosure Vulnerability
CVE-2026-48568 | Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48570 | Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48573 | Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48575 | Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48576 | Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48578 | Secure Boot Security Feature Bypass Vulnerability
CVE-2026-48583 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-49160 | HTTP.sys Denial of Service Vulnerability
CVE-2026-50507 | Windows BitLocker Security Feature Bypass Vulnerability
CVE-2026-50508 | Windows NTLM Spoofing Vulnerability

SharePoint (30 CVEs)

Critical severity
CVE-2026-45456 | Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45458 | Microsoft Outlook and Word Remote Code Execution Vulnerability
Important severity
CVE-2026-33113 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-44819 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-44821 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-44824 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45453 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45454 | Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2026-45462 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45464 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45465 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45467 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45468 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45471 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45475 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45479 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45481 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-45483 | Microsoft Office Project Server Spoofing Vulnerability
CVE-2026-45484 | Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2026-45485 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-47298 | Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2026-47634 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47636 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47637 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47638 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47639 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47640 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-47641 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-48560 | Microsoft SharePoint Server Spoofing Vulnerability
CVE-2026-48562 | Microsoft SharePoint Server Spoofing Vulnerability

365 (29 CVEs)

Critical severity
CVE-2026-42824 | M365 Copilot Information Disclosure Vulnerability
CVE-2026-45456 | Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45458 | Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45460 | Microsoft Office Information Disclosure Vulnerability
CVE-2026-45461 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45463 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45472 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45474 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45497 | Microsoft M365 Copilot Remote Code Execution Vulnerability
Important severity
CVE-2026-44817 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44818 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44819 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-44820 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44821 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-44822 | Microsoft Excel Information Disclosure Vulnerability
CVE-2026-44823 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44824 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45455 | Microsoft Excel Information Disclosure Vulnerability
CVE-2026-45457 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45459 | Microsoft Excel Security Feature Bypass Vulnerability
CVE-2026-45466 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-45469 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-45471 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45475 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45485 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-45486 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45643 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45645 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-47293 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Office (28 CVEs)

Critical severity
CVE-2026-45456 | Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45458 | Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45460 | Microsoft Office Information Disclosure Vulnerability
CVE-2026-45461 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45463 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45472 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45474 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-47635 | Microsoft Outlook and Word Remote Code Execution Vulnerability
Important severity
CVE-2026-44817 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44818 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44819 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-44820 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44821 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-44822 | Microsoft Excel Information Disclosure Vulnerability
CVE-2026-44823 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44824 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45455 | Microsoft Excel Information Disclosure Vulnerability
CVE-2026-45457 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45459 | Microsoft Excel Security Feature Bypass Vulnerability
CVE-2026-45466 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-45469 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-45471 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45475 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45485 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-45486 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45643 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45645 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-47293 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

Excel (10 CVEs)

Critical severity
CVE-2026-44803 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44812 | Windows Graphics Component Remote Code Execution Vulnerability
Important severity
CVE-2026-44817 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44818 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44820 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-44822 | Microsoft Excel Information Disclosure Vulnerability
CVE-2026-44823 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-45455 | Microsoft Excel Information Disclosure Vulnerability
CVE-2026-45469 | Microsoft Excel Remote Code Execution Vulnerability
CVE-2026-45649 | Office for Android Spoofing Vulnerability

Word (10 CVEs)

Critical severity
CVE-2026-44803 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44812 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-45456 | Microsoft Outlook and Word Remote Code Execution Vulnerability
CVE-2026-45458 | Microsoft Outlook and Word Remote Code Execution Vulnerability
Important severity
CVE-2026-44821 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-44824 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45471 | Microsoft Word Remote Code Execution Vulnerability
CVE-2026-45475 | Microsoft Office Remote Code Execution Vulnerability
CVE-2026-45485 | Microsoft Word Information Disclosure Vulnerability
CVE-2026-45649 | Office for Android Spoofing Vulnerability

Exchange (8 CVEs)

Critical severity
CVE-2026-48579 | Microsoft Exchange Online Information Disclosure Vulnerability
Important severity
CVE-2026-45500 | Microsoft Exchange Server Spoofing Vulnerability
CVE-2026-45501 | Microsoft Exchange Server Spoofing Vulnerability
CVE-2026-45502 | Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2026-45503 | Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2026-45504 | Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2026-45583 | Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2026-47631 | Microsoft Exchange Server Spoofing Vulnerability

Visual Studio (8 CVEs)

Important severity
CVE-2026-40376 | Visual Studio Code Elevation of Privilege Vulnerability
CVE-2026-45482 | Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
CVE-2026-45591 | ASP.NET Core Denial of Service Vulnerability
CVE-2026-47281 | Visual Studio Code Elevation of Privilege Vulnerability
CVE-2026-47284 | Visual Studio Code Information Disclosure Vulnerability
CVE-2026-47287 | Visual Studio Code Tampering Vulnerability
CVE-2026-47292 | Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability
CVE-2026-48569 | Visual Studio Code Security Feature Bypass Vulnerability

Azure (5 CVEs)

Important severity
CVE-2026-32193 | Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability
CVE-2026-45476 | Microsoft Azure Network Adapter Elevation of Privilege Vulnerability
CVE-2026-48567 | Azure HorizonDB Elevation of Privilege Vulnerability
CVE-2026-41098 | Azure Stack Edge Spoofing Vulnerability
CVE-2026-47643 | Azure Stack Edge Remote Code Execution Vulnerability

.NET (3 CVEs)

Important severity
CVE-2026-45490 | .NET SDK Elevation of Privilege Vulnerability
CVE-2026-45491 | .NET Tampering Vulnerability
CVE-2026-45591 | ASP.NET Core Denial of Service Vulnerability


PowerPoint (3 CVEs)

Critical severity
CVE-2026-44803 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44812 | Windows Graphics Component Remote Code Execution Vulnerability
Important severity
CVE-2026-45649 | Office for Android Spoofing Vulnerability

PC Manager (3 CVEs)

Important severity
CVE-2026-49161 | Microsoft PC Manager Security Feature Bypass Vulnerability
CVE-2026-50511 | Microsoft PC Manager Elevation of Privilege Vulnerability
CVE-2026-50512 | Microsoft PC Manager Elevation of Privilege Vulnerability

ASP.NET (1 CVE)

Important severity
CVE-2026-45591 | ASP.NET Core Denial of Service Vulnerability

Bing Search for Android (1 CVE)

Important severity
CVE-2026-45650 | Microsoft Bing Search Spoofing Vulnerability

Defender (1 CVE)

Important severity
CVE-2026-45647 | Microsoft Defender Elevation of Privilege Vulnerability

See MMPC table below for information on CVE-2026-41091.

Dynamics 365 (1 CVE)

Important severity
CVE-2026-40371 | Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability

Edge – Copilot Chat (1 CVE)

Critical severity
CVE-2026-47644 | Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability

Microsoft Graph (1 CVE)

Critical severity
CVE-2026-47655 | Microsoft Graph Information Disclosure Vulnerability

Microsoft Live Share Canvas SDK (1 CVE)

Important severity
CVE-2026-45644 | Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability

MMPC (1 CVE)

Important severity
CVE-2026-41091 | Microsoft Defender Elevation of Privilege Vulnerability

Nuance PowerScribe (1 CVE)

Critical severity
CVE-2026-26142 | Nuance PowerScribe Remote Code Execution Vulnerability

PowerToys (1 CVE)

Important severity
CVE-2026-42902 | Microsoft PowerToys Elevation of Privilege Vulnerability

Teams for Android (1 CVE)

Important severity
CVE-2026-42835 | Microsoft Teams for Android Information Disclosure Vulnerability

Windows Narrator Braille (1 CVE)

Important severity
CVE-2026-48565 | Windows Narrator Braille Elevation of Privilege Vulnerability

Appendix D: Advisories and Other Products

There are 388 Edge-related advisories listed in June’s release, all but three from Chrome. Because virtually all these patches shipped before Patch Tuesday, and because this post is already horrifically long, we are down to just listing those Edge CVEs and exhorting readers to patch, patch, patch.

There are also two Windows-related advisories, to which we afford the dignity of names and severity / impact information. Please note that, as mentioned above, the client-only CVE-2025-10263 is sporting a rather high CVSS Base score of 9.3.

CVE-2026-8863 | UEFI Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass | Important
CVE-2025-10263 | ARM CVE-2025-10263: Completion of affected memory accesses might not be guaranteed by completion of a TLBI [kernel] | Elevation of Privilege | Critical

Meanwhile, there are 23 CVEs from Adobe. Seven of these affect ColdFusion 2025 Update 8 and earlier as well as ColdFusion 2023 Update 19 and earlier, and are collectively addressed in APSB26-64. The rest affect Acrobat Reader 26.001.21411 and earlier, 26.001.21411 and earlier, Win: 24.001.30362 and earlier (Windows), and 24.001.30360 and earlier (Mac); they are collectively addressed in APSB26-64. Unusually, a majority of this month’s CVEs come with a Critical severity rating; for that reason, we’re taking the time to mark those troubling items in red.

For ColdFusion

CVE-2026-47928 | Improper Input Validation (CWE-20)
CVE-2026-47929 | Incorrect Authorization (CWE-863)
CVE-2026-47930 | Improper Input Validation (CWE-20)
CVE-2026-47931 | Improper Input Validation (CWE-20)
CVE-2026-47932 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
CVE-2026-48293 | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611)
CVE-2026-47933 | Cross-site Scripting (Stored XSS) (CWE-79)

For Reader

CVE-2026-47911 | Out-of-bounds Write (CWE-787)
CVE-2026-47912 | Use After Free (CWE-416)
CVE-2026-47913 | Use After Free (CWE-416)
CVE-2026-47914 | Use After Free (CWE-416)
CVE-2026-47915 | Use After Free (CWE-416)
CVE-2026-47916 | Use After Free (CWE-416)
CVE-2026-47917 | Use After Free (CWE-416)
CVE-2026-47918 | Use After Free (CWE-416)
CVE-2026-47919 | Use After Free (CWE-416)
CVE-2026-47920 | Use After Free (CWE-416)
CVE-2026-47921 | Use After Free (CWE-416)
CVE-2026-47922 | Uncontrolled Resource Consumption (CWE-400)
CVE-2026-47923 | Out-of-bounds Read (CWE-125)
CVE-2026-47924 | Use After Free (CWE-416)
CVE-2026-47925 | Integer Overflow or Wraparound (CWE-190)
CVE-2026-47926 | Out-of-bounds Read (CWE-125)

Microsoft also issued the usual servicing stack updates this month (ADV990001).

Appendix E: Affected Windows Server versions

This is a table of 113 CVEs in the June release affecting Windows Server versions 2012 through 2025. The table differentiates among major versions of the platform but doesn’t go into deeper detail (e.g., Server Core). An “x” indicates that the CVE does not apply to that version. Several Windows CVEs affect only the client, and those CVEs are omitted from the table entirely. We also include the Important-severity, Windows-touching advisory from CERT/CC, since the Server versions it affects are known, for a grand total of 114. That advisory is indicated in this chart in blue. The Critical-severity patch from Arm Limited is not known to affect any versions of the server.

We remind readers that May was the final month of support for Server 2023 r2, and so that column is out of the table going forward.

Administrators are encouraged to use this appendix as a starting point to ascertain their specific exposure, as each reader’s situation, especially as it concerns products out of mainstream support, will vary. For specific Knowledge Base numbers, please consult Microsoft. 

CVE

S-12

12r2

S-16

S-19

S-22

S-25

CVE-2020-17103

×

×

×

×

CVE-2026-8863

CVE-2026-33828

×

×

CVE-2026-34335

CVE-2026-40404

CVE-2026-40409

CVE-2026-41092

CVE-2026-41108

CVE-2026-42828

×

×

×

CVE-2026-42836

CVE-2026-42837

×

×

×

CVE-2026-42903

CVE-2026-42904

×

×

×

×

CVE-2026-42905

CVE-2026-42906

×

×

×

×

CVE-2026-42907

×

×

×

CVE-2026-42908

CVE-2026-42909

CVE-2026-42910

×

×

×

×

×

CVE-2026-42911

CVE-2026-42912

CVE-2026-42913

×

×

×

×

CVE-2026-42914

CVE-2026-42915

×

×

×

×

CVE-2026-42916

CVE-2026-42968

CVE-2026-42969

×

×

CVE-2026-42970

CVE-2026-42971

×

×

CVE-2026-42972

CVE-2026-42973

×

×

CVE-2026-42974

×

×

×

×

CVE-2026-42977

×

×

×

CVE-2026-42978

×

×

×

CVE-2026-42979

×

×

×

CVE-2026-42980

CVE-2026-42981

×

×

×

×

CVE-2026-42983

×

×

×

CVE-2026-42984

×

×

×

CVE-2026-42985

CVE-2026-42986

CVE-2026-42987

CVE-2026-42989

CVE-2026-42991

×

×

×

CVE-2026-42992

×

×

CVE-2026-42993

×

×

×

×

CVE-2026-44799

CVE-2026-44801

CVE-2026-44802

×

×

×

CVE-2026-44803

CVE-2026-44805

×

×

×

CVE-2026-44809

×

×

×

×

×

CVE-2026-44810

×

×

×

×

CVE-2026-44812

CVE-2026-44815

CVE-2026-45487

×

×

×

×

CVE-2026-45585

×

×

×

×

×

CVE-2026-45586

CVE-2026-45588

CVE-2026-45592

×

CVE-2026-45593

×

×

×

CVE-2026-45594

×

×

CVE-2026-45595

×

CVE-2026-45596

CVE-2026-45597

×

×

×

×

CVE-2026-45598

CVE-2026-45599

CVE-2026-45600

×

×

×

×

×

CVE-2026-45601

CVE-2026-45602

CVE-2026-45603

CVE-2026-45604

×

×

×

×

×

CVE-2026-45605

×

×

CVE-2026-45606

CVE-2026-45607

×

×

CVE-2026-45608

CVE-2026-45634

CVE-2026-45635

CVE-2026-45636

CVE-2026-45637

×

×

×

CVE-2026-45638

CVE-2026-45639

CVE-2026-45640

×

×

×

×

CVE-2026-45641

×

×

×

×

CVE-2026-45642

CVE-2026-45648

×

×

×

×

CVE-2026-45653

CVE-2026-45654

×

×

×

×

×

CVE-2026-45655

CVE-2026-45656

CVE-2026-45657

×

×

×

×

CVE-2026-45658

CVE-2026-47288

CVE-2026-47289

CVE-2026-47291

CVE-2026-47648

CVE-2026-47652

×

×

×

×

CVE-2026-47653

CVE-2026-47654

×

×

CVE-2026-47656

CVE-2026-48563

×

×

×

CVE-2026-48566

×

×

×

×

×

CVE-2026-48568

CVE-2026-48570

CVE-2026-48573

CVE-2026-48574

CVE-2026-48575

CVE-2026-48576

CVE-2026-48578

CVE-2026-48583

×

×

CVE-2026-49160

×

×

CVE-2026-50507

×

CVE-2026-50508

×

×

Appendix F: Common Weakness Enumeration

As mentioned above, Microsoft now (almost always!) states which CWEs affect the CVEs they address. This month, we looked at which CWEs were most heavily represented in the dataset and compared them to last month’s inaugural numbers. The June dataset of 209 CVEs gave us 208 CWEs to examine; 24 CVEs had two CWEs, and one had three CWEs. There were 44 unique CWEs, which is just about average for the CWE project so far. Once again CWE-416, Use After Free, leads the pack, appearing in just over 20 percent of all cases. The rest of the field remains fairly diffuse, with only four other CWEs appearing more than five percent of the time. We did note one especially forehead-smack item this time around: Visual Studio Code Elevation of Privilege Vulnerability, CVE-2026-47281, is not only the only CVE to sport three different CWE findings this time, but one of those findings is CWE-798, Use of Hard-Coded Credentials. Sigh.

CWE | Count | CWE Name
416 | 42 | Use After Free
122 | 24 | Heap-based Buffer Overflow
79 | 20 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
125 | 19 | Out-of-bounds Read
362 | 14 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
200 | 10 | Exposure of Sensitive Information to an Unauthorized Actor
693 | 9 | Protection Mechanism Failure
190 | 8 | Integer Overflow or Wraparound
284 | 7 | Improper Access Control
20 | 6 | Improper Input Validation
59 | 5 | Improper Link Resolution Before File Access ('Link Following')
285 | 5 | Improper Authorization
843 | 5 | Access of Resource Using Incompatible Type ('Type Confusion')
191 | 4 | Integer Underflow (Wrap or Wraparound)
822 | 4 | Untrusted Pointer Dereference
22 | 3 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
74 | 3 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
77 | 3 | Improper Neutralization of Special Elements used in a Command ('Command Injection')
121 | 3 | Stack-based Buffer Overflow
197 | 3 | Numeric Truncation Error
306 | 3 | Missing Authentication for Critical Function
502 | 3 | Deserialization of Untrusted Data
918 | 3 | Server-Side Request Forgery (SSRF)
23 | 2 | Relative Path Traversal
94 | 2 | Improper Control of Generation of Code ('Code Injection')
126 | 2 | Buffer Over-read
367 | 2 | Time-of-check Time-of-use (TOCTOU) Race Condition
400 | 2 | Uncontrolled Resource Consumption
426 | 2 | Untrusted Search Path
1329 | 2 | Reliance on Component That is Not Updateable
73 | 1 | External Control of File Name or Path
131 | 1 | Incorrect Calculation of Buffer Size
269 | 1 | Improper Privilege Management
280 | 1 | Improper Handling of Insufficient Permissions or Privileges
287 | 1 | Improper Authentication
290 | 1 | Authentication Bypass by Spoofing
451 | 1 | User Interface (UI) Misrepresentation of Critical Information
476 | 1 | NULL Pointer Dereference
501 | 1 | Trust Boundary Violation
787 | 1 | Out-of-bounds Write
798 | 1 | Use of Hard-coded Credentials
829 | 1 | Inclusion of Functionality from Untrusted Control Sphere
862 | 1 | Missing Authorization
908 | 1 | Use of Uninitialized Resource