mscve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MS:CVE-2026-0904	Chromium: CVE-2026-0904 Incorrect security UI in Digital Credentials_MS:CVE-2026-0904 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jan 16, 2026	MSCVE
NONE	MS:CVE-2026-0906	Chromium: CVE-2026-0906 Incorrect security UI_MS:CVE-2026-0906 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jan 16, 2026	MSCVE
NONE	MS:CVE-2026-0905	Chromium: CVE-2026-0905 Insufficient policy enforcement in Network_MS:CVE-2026-0905 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jan 16, 2026	MSCVE
NONE	MS:CVE-2026-0907	Chromium: CVE-2026-0907 Incorrect security UI in Split View_MS:CVE-2026-0907 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jan 16, 2026	MSCVE
NONE	MS:CVE-2026-0908	Chromium: CVE-2026-0908 Use after free in ANGLE_MS:CVE-2026-0908 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jan 16, 2026	MSCVE
HIGH 7.5	MS:CVE-2026-20849	Windows Kerberos Elevation of Privilege Vulnerability_MS:CVE-2026-20849 Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.	N/A	N/A	Jan 13, 2026	MSCVE
HIGH 7.5	MS:CVE-2026-20854	Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability_MS:CVE-2026-20854 Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.	N/A	N/A	Jan 13, 2026	MSCVE
HIGH 7.5	MS:CVE-2026-20929	Windows HTTP.sys Elevation of Privilege Vulnerability_MS:CVE-2026-20929 Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.	N/A	N/A	Jan 13, 2026	MSCVE
HIGH 7.8	MS:CVE-2026-20922	Windows NTFS Remote Code Execution Vulnerability_MS:CVE-2026-20922 Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.	N/A	N/A	Jan 13, 2026	MSCVE
HIGH 7.8	MS:CVE-2026-20946	Microsoft Excel Remote Code Execution Vulnerability_MS:CVE-2026-20946 Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.	N/A	N/A	Jan 13, 2026	MSCVE