Live
CVE-2026-25190: Microsoft Patches Critical GDI Vulnerability in March 2026 Security Update·MSFT +0.1%Microsoft Confirms Critical DWM Privilege Escalation Vulnerability CVE-2026-25189·NVDA +3.0%CVE-2026-25188: Microsoft Patches Critical Telephony Service Heap Overflow Vulnerability·GOOGL +1.2%Excel CVE-2026-26144 XSS Vulnerability Enables Copilot Data Exfiltration in Zero-Click Attack·AMZN +2.9%CVE-2026-25187: Critical Winlogon Privilege Escalation Vulnerability Exposes Windows Systems·MSFT +0.1%Microsoft Patches ATBroker Information Disclosure Vulnerability CVE-2026-25186 in Windows Accessibility Infrastructure·NVDA +3.0%CVE-2026-25185: Windows Shell Link Spoofing Vulnerability Exposes Sensitive Data·GOOGL +1.2%Patch for GDI+ flaw CVE-2026-25181 ships in Windows security update.·AMZN +2.9%CVE-2026-25190: Microsoft Patches Critical GDI Vulnerability in March 2026 Security Update·MSFT +0.1%Microsoft Confirms Critical DWM Privilege Escalation Vulnerability CVE-2026-25189·NVDA +3.0%CVE-2026-25188: Microsoft Patches Critical Telephony Service Heap Overflow Vulnerability·GOOGL +1.2%Excel CVE-2026-26144 XSS Vulnerability Enables Copilot Data Exfiltration in Zero-Click Attack·AMZN +2.9%CVE-2026-25187: Critical Winlogon Privilege Escalation Vulnerability Exposes Windows Systems·MSFT +0.1%Microsoft Patches ATBroker Information Disclosure Vulnerability CVE-2026-25186 in Windows Accessibility Infrastructure·NVDA +3.0%CVE-2026-25185: Windows Shell Link Spoofing Vulnerability Exposes Sensitive Data·GOOGL +1.2%Patch for GDI+ flaw CVE-2026-25181 ships in Windows security update.·AMZN +2.9%
Gdi Vulnerability · Untrusted Search Path

CVE-2026-25190: Microsoft Patches Critical GDI Vulnerability in March 2026 Security Update

Microsoft's March 2026 security update includes a newly cataloged Windows Graphics Device Interface vulnerability tracked as CVE-2026-25190, a high-severity code-execution flaw that requires...

SE Security Desk·16w ago
Dwm Vulnerability · Patch Management

Microsoft Confirms Critical DWM Privilege Escalation Vulnerability CVE-2026-25189

Microsoft has officially documented CVE-2026-25189, a confirmed use-after-free vulnerability in the Windows Desktop Window Manager (DWM) Core Library that enables local privilege escalation. The...

SE Security Desk·16w ago
Cve 2026 25188 · Patch Tuesday

CVE-2026-25188: Microsoft Patches Critical Telephony Service Heap Overflow Vulnerability

Microsoft's March 2026 Patch Tuesday update addresses a high-severity heap-based buffer overflow vulnerability in the Windows Telephony Service, cataloged as CVE-2026-25188. This security flaw could...

SE Security Desk·16w ago
Copilot Agents · Copilot Ai

Excel CVE-2026-26144 XSS Vulnerability Enables Copilot Data Exfiltration in Zero-Click Attack

Microsoft's March 2026 Patch Tuesday addressed a critical Excel vulnerability that creates a dangerous new attack vector for AI-powered data theft. CVE-2026-26144, a cross-site scripting flaw in...

AI AI & Copilot Desk·16w ago
Cve 2026 25187 · Local Privilege Escalation

CVE-2026-25187: Critical Winlogon Privilege Escalation Vulnerability Exposes Windows Systems

Microsoft has assigned CVE-2026-25187 to a newly discovered local privilege escalation vulnerability in Winlogon, the Windows component responsible for handling secure desktop sessions and user...

SE Security Desk·16w ago
Atbroker · Information Disclosure

Microsoft Patches ATBroker Information Disclosure Vulnerability CVE-2026-25186 in Windows Accessibility Infrastructure

Microsoft has addressed a newly cataloged information disclosure vulnerability in the Windows Accessibility Infrastructure, tracked as CVE-2026-25186, affecting the ATBroker.exe helper process. This...

SE Security Desk·16w ago
Patch Guidance · Shell Link

CVE-2026-25185: Windows Shell Link Spoofing Vulnerability Exposes Sensitive Data

Microsoft has disclosed a critical Windows Shell Link processing vulnerability designated CVE-2026-25185 that enables network-level spoofing and information disclosure. The security flaw in how...

SE Security Desk·16w ago
Cve 2026 25181 · Gdiplus

Patch for GDI+ flaw CVE-2026-25181 ships in Windows security update.

Microsoft has released a security update addressing CVE-2026-25181, an information disclosure vulnerability in the Windows Graphics Component (GDI+). The vulnerability, discovered through Microsoft's...

SE Security Desk·16w ago
Cve 2026 25180 · Graphics Component

CVE-2026-25180: Windows Graphics Component Information Disclosure Vulnerability Analysis

Microsoft has documented CVE-2026-25180 as a critical information disclosure vulnerability in the Windows Graphics Component, specifically an out-of-bounds read that could allow unprivileged local...

SE Security Desk·16w ago
Afd Sys Patch · Kernel Vulnerability

CVE-2026-25179: Critical Windows AFD.sys Local Privilege Escalation Vulnerability Patched

Microsoft has patched a critical local privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) tracked as CVE-2026-25179. This kernel-level flaw allows...

SE Security Desk·16w ago
Afd Sys · Cve 2026 25178

Patch Now: Windows AFD.sys Bug Gives Attackers SYSTEM Access

Microsoft has disclosed a critical use-after-free vulnerability in the Ancillary Function Driver for WinSock (AFD.sys) component, designated CVE-2026-25178. This security flaw allows authenticated...

SE Security Desk·16w ago
Active Directory · Cve 25177

Microsoft's March 2026 Patch Fixes Critical Active Directory Vulnerability CVE-2026-25177

Microsoft released a critical security update on March 10, 2026, addressing CVE-2026-25177, an elevation-of-privilege vulnerability in Active Directory Domain Services. The company rates this...

SE Security Desk·16w ago