CVSS: 7.8EPSS: 2%CPEs: 9EXPL: 0CVE-2025-26680 – Windows Standards-Based Storage Management Service Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-26680
08 Apr 2025 — Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26680 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2025-26681 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-26681
08 Apr 2025 — Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26681 • CWE-416: Use After Free •
CVSS: 7.6EPSS: 0%CPEs: 26EXPL: 0CVE-2025-26668 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26668
08 Apr 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26668 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-26667 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26667
08 Apr 2025 — Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26667 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-26669 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26669
08 Apr 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26669 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2025-26666 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26666
08 Apr 2025 — Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26666 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-26665 – Windows upnphost.dll Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-26665
08 Apr 2025 — Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26665 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-26664 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26664
08 Apr 2025 — Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26664 • CWE-126: Buffer Over-read •
CVSS: 8.1EPSS: 0%CPEs: 26EXPL: 0CVE-2025-26663 – Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26663
08 Apr 2025 — Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26663 • CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29796 – Microsoft Edge for iOS Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2025-29796
04 Apr 2025 — User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network. La tergiversación de información crítica en la interfaz de usuario (IU) de Microsoft Edge para iOS permite que un atacante no autorizado realice suplantación de identidad a través de una red. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29796 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •