Monitor vulnerabilities that affect your stack.
Sign up free to get alerts when software you use is affected.
CVE Vulnerabilities - 10 March 2026
RSS658 vulnerabilities published on 10 March 2026
Severity:
Microsoft Office: Untrusted Code Execution via Local Attack
CVE-2026-26113
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally....
7.8
Microsoft Office Excel Untrusted Pointer Dereference Allows Local Code Execution
CVE-2026-26112
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally....
7.8
Microsoft Office Allows Unauthorized Code Execution
CVE-2026-26110
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally....
7.8
Microsoft Office Excel can allow unauthorized code execution
CVE-2026-26109
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally....
7.8
Microsoft Office Excel allows malicious code execution locally
CVE-2026-26108
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally....
7.8
Microsoft Office Excel Allows Code Execution via Local Data
CVE-2026-26107
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally....
7.8
SICAM SIAPP SDK versions < V2.1.7 can execute malicious system commands
CVE-2026-25573
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected application builds shell commands with caller-provided st...
8.6
SICAM SIAPP SDK versions < V2.1.7 can crash or allow unauthorized code execution
CVE-2026-25570
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The SICAM SIAPP SDK does not perform checks on input values potentiall...
7.5
SICAM SIAPP SDK versions before 2.1.7 allow attackers to crash or steal data
CVE-2026-25569
A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). An out-of-bounds write vulnerability exists in SICAM SIAPP SDK. This c...
7.5
Windows GDI Vulnerability Allows Local Code Execution
CVE-2026-25190
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally....
7.8
Windows DWM Core Library Privilege Elevation Vulnerability
CVE-2026-25189
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally....
7.8
Windows Winlogon Link Following Privilege Escalation
CVE-2026-25187
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally....
7.8
Windows Ancillary Function Driver Vulnerability Allowing Local Privilege Escalation
CVE-2026-25176
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally....
7.8
Windows NTFS Out-of-Bounds Read Allows Local Privilege Escalation
CVE-2026-25175
Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally....
7.8
Windows Extensible File Allocation Privilege Elevation Risk
CVE-2026-25174
Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally....
7.8
Windows System Image Manager allows unauthorized local code execution
CVE-2026-25166
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally....
7.8
Windows Performance Counters Privilege Escalation Risk
CVE-2026-25165
Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally....
7.8
Windows SMB Server: Authorized Users Can Gain Elevated Privileges
CVE-2026-24294
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally....
7.8
Windows Ancillary Function Driver WinSock Privilege Elevation Vulnerability
CVE-2026-24293
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally....
7.8
Connected Devices Platform Service elevation of privilege vulnerability
CVE-2026-24292
Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally....
7.8
Windows ATBroker.exe Privilege Elevation Vulnerability
CVE-2026-24291
Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate ...
7.8
Windows Projected File System Privilege Elevation Vulnerability
CVE-2026-24290
Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally....
7.8
Windows Kernel Privilege Escalation Risk: Unauthorized Access
CVE-2026-24289
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally....
7.8
Windows Kernel: Unauthorized File Access Can Elevate Privileges
CVE-2026-24287
External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally....
7.8
Fortinet FortiClientLinux: Privilege Escalation through Symbolic Link Attack
CVE-2026-24018
A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientLinux 7.4.0 through 7.4.4, FortiClientLinux 7.2.2 through 7.2.12 may all...
7.8