Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.
Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.
Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.
Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.
Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
CVE-2026-21533
HIGH CVSS 7.8 KEV
Find Similar
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.
Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally.
Page 1+ Next →