🚨 CISA KEV 1[−]
13 Jan KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-20805 Microsoft Windows Information Disclosure Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber a…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 108[−]
13 JanCVE-2026-20962 Dynamic Root of Trust for Measurement (DRTM) Information Disclosure VulnerabilityUse of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-21265 Secure Boot Certificate Expiration Security Feature Bypass VulnerabilityWindows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing …MSRC.MICROSOFT.COM
13 JanCVE-2026-0386 Windows Deployment Services Remote Code Execution VulnerabilityImproper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20803 Microsoft SQL Server Elevation of Privilege VulnerabilityMissing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20965 Windows Admin Center Elevation of Privilege VulnerabilityImproper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20804 Windows Hello Tampering VulnerabilityIncorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20808 Windows File Explorer Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Printer Association Object allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20809 Windows Kernel Memory Elevation of Privilege VulnerabilityTime-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20810 Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityFree of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20811 Win32k Elevation of Privilege VulnerabilityAccess of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20812 LDAP Tampering VulnerabilityImproper input validation in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to perform tampering over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20814 DirectX Graphics Kernel Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20815 Capability Access Management Service (camsvc) Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20816 Windows Installer Elevation of Privilege VulnerabilityTime-of-check time-of-use (toctou) race condition in Windows Installer allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20817 Windows Error Reporting Service Elevation of Privilege VulnerabilityImproper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20819 Windows Virtualization-Based Security (VBS) Information Disclosure VulnerabilityUntrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20820 Windows Common Log File System Driver Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20821 Remote Procedure Call Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an unauthorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20822 Windows Graphics Component Elevation of Privilege VulnerabilityUse after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20824 Windows Remote Assistance Security Feature Bypass VulnerabilityProtection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20825 Windows Hyper-V Information Disclosure VulnerabilityImproper access control in Windows Hyper-V allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20826 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20827 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20828 Windows rndismp6.sys Information Disclosure VulnerabilityOut-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker to disclose information with a physical attack.MSRC.MICROSOFT.COM
13 JanCVE-2026-20829 TPM Trustlet Information Disclosure VulnerabilityOut-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20831 Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityTime-of-check time-of-use (toctou) race condition in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20832 Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
13 JanCVE-2026-20833 Windows Kerberos Information Disclosure VulnerabilityUse of a broken or risky cryptographic algorithm in Windows Kerberos allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20834 Windows Spoofing VulnerabilityAbsolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack.MSRC.MICROSOFT.COM
13 JanCVE-2026-20835 Capability Access Management Service (camsvc) Information Disclosure VulnerabilityOut-of-bounds read in Capability Access Management Service (camsvc) allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20836 DirectX Graphics Kernel Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20837 Windows Media Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20838 Windows Kernel Information Disclosure VulnerabilityGeneration of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20839 Windows Client-Side Caching (CSC) Service Information Disclosure VulnerabilityImproper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20840 Windows NTFS Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20842 Microsoft DWM Core Library Elevation of Privilege VulnerabilityUse after free in Windows DWM allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20844 Windows Clipboard Server Elevation of Privilege VulnerabilityUse after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2023-31096 MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege VulnerabilityMicrosoft is aware of vulnerabilities in the third party Agere Soft Modem drivers that ship natively with supported Windows operating systems. This is an announcement of the removal of agrsm64.sys and agrsm.sys drivers. The drivers have been removed in the January 2026 cumulative…MSRC.MICROSOFT.COM
13 JanCVE-2026-20847 Microsoft Windows File Explorer Spoofing VulnerabilityExposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20851 Capability Access Management Service (camsvc) Information Disclosure VulnerabilityOut-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20852 Windows Hello Tampering VulnerabilityIncorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20856 Windows Server Update Service (WSUS) Remote Code Execution VulnerabilityImproper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20857 Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityUntrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20858 Windows Management Services Elevation of Privilege VulnerabilityUse after free in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20859 Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityUse after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20860 Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityAccess of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20864 Windows Connected Devices Platform Service Elevation of Privilege VulnerabilityHeap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20865 Windows Management Services Elevation of Privilege VulnerabilityUse after free in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20869 Windows Local Session Manager (LSM) Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20875 Windows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityNull pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20876 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20877 Windows Management Services Elevation of Privilege VulnerabilityUse after free in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20918 Windows Management Services Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20919 Windows SMB Server Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20920 Win32k Elevation of Privilege VulnerabilityUse after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20921 Windows SMB Server Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20922 Windows NTFS Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20923 Windows Management Services Elevation of Privilege VulnerabilityUse after free in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20924 Windows Management Services Elevation of Privilege VulnerabilityUse after free in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20925 NTLM Hash Disclosure Spoofing VulnerabilityExternal control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20926 Windows SMB Server Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20927 Windows SMB Server Denial of Service VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20932 Windows File Explorer Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20934 Windows SMB Server Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20938 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege VulnerabilityUntrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20940 Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityHeap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20944 Microsoft Word Remote Code Execution VulnerabilityOut-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20946 Microsoft Excel Remote Code Execution VulnerabilityOut-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20951 Microsoft SharePoint Server Remote Code Execution VulnerabilityImproper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20953 Microsoft Office Remote Code Execution VulnerabilityUse after free in Microsoft Office allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20955 Microsoft Excel Remote Code Execution VulnerabilityUntrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20956 Microsoft Excel Remote Code Execution VulnerabilityUntrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20959 Microsoft SharePoint Server Spoofing VulnerabilityImproper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20963 Microsoft SharePoint Remote Code Execution VulnerabilityDeserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-21224 Azure Connected Machine Agent Elevation of Privilege VulnerabilityStack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20947 Microsoft SharePoint Server Remote Code Execution VulnerabilityImproper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20843 Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityImproper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20849 Windows Kerberos Elevation of Privilege VulnerabilityReliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20853 Windows WalletService Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20854 Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution VulnerabilityUse after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-21219 Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityUse after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20861 Windows Management Services Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20862 Windows Management Services Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20863 Win32k Elevation of Privilege VulnerabilityDouble free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20866 Windows Management Services Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20867 Windows Management Services Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20868 Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityHeap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20870 Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityUse after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20871 Desktop Windows Manager Elevation of Privilege VulnerabilityUse after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20872 NTLM Hash Disclosure Spoofing VulnerabilityExternal control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20873 Windows Management Services Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20874 Windows Management Services Elevation of Privilege VulnerabilityConcurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2024-55414 Windows Motorola Soft Modem Driver Elevation of Privilege VulnerabilityMicrosoft is aware of vulnerabilities in the third party Motorola Soft Modem drivers that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of smserl64.sys and smserial.sys drivers. The drivers have been removed in the Januar…MSRC.MICROSOFT.COM
13 JanCVE-2026-20929 Windows HTTP.sys Elevation of Privilege VulnerabilityImproper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20931 Windows Telephony Service Elevation of Privilege VulnerabilityExternal control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20935 Windows Virtualization-Based Security (VBS) Information Disclosure VulnerabilityUntrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20936 Windows NDIS Information Disclosure VulnerabilityOut-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.MSRC.MICROSOFT.COM
13 JanCVE-2026-20937 Windows File Explorer Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20939 Windows File Explorer Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20948 Microsoft Word Remote Code Execution VulnerabilityUntrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20949 Microsoft Excel Security Feature Bypass VulnerabilityImproper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20950 Microsoft Excel Remote Code Execution VulnerabilityUse after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20952 Microsoft Office Remote Code Execution VulnerabilityUse after free in Microsoft Office allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20957 Microsoft Excel Remote Code Execution VulnerabilityInteger underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-20941 Host Process for Windows Tasks Elevation of Privilege VulnerabilityImproper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.MSRC.MICROSOFT.COM
13 JanCVE-2026-21226 Azure Core shared client library for Python Remote Code Execution VulnerabilityDeserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network.MSRC.MICROSOFT.COM
13 JanCVE-2026-20823 Windows File Explorer Information Disclosure VulnerabilityExposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.MSRC.MICROSOFT.COM
13 JanDecember 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat ActivityDecember 2025 saw a 120% surge in critical CVEs, with 22 exploited flaws and React2Shell (CVE-2025-55182) dominating threat activity across Meta’s React framework.RECORDEDFUTURE.COM
⚠️ VULNERABILITY DISCLOSURE 6[−]
13 JanMultiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. De…CISECURITY.ORG
13 JanMultiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. FortiSandbox is an advanced threat detection solution from Fortinet that uses sandboxing to analyze suspicious files and network traffic for adva…CISECURITY.ORG
13 JanCritical Patches Issued for Microsoft Products, January 13, 2026Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. …CISECURITY.ORG
13 JanMultiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large…CISECURITY.ORG
13 JanInside the LLM | Understanding AI & the Mechanics of Modern AttacksLearn how attackers exploit tokenization, embeddings and LLM attention mechanisms to bypass LLM security filters and hijack model behavior.SENTINELONE.COM
13 JanLack of isolation in agentic browsers resurfaces old vulnerabilitiesWith browser-embedded AI agents, we’re essentially starting the security journey over again. We exploited a lack of isolation mechanisms in multiple agentic browsers to perform attacks ranging from the dissemination of false information to cross-site data leaks. These attac…TRAILOFBITS.COM
🔥 INCIDENT REPORTING 2[−]
13 JanWho Decides Who Doesn’t Deserve Privacy?Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Remember the Ashley Madison data breach? That was now more than a decade ago, yet it arguably remains the single most noteworthy data b…TROYHUNT.COM
13 JanBest Ransomware Detection ToolsStop ransomware before encryption begins. Learn how intelligence-driven detection tools can help identify precursor behaviors and reduce false positives for faster response.RECORDEDFUTURE.COM
🕵️ THREAT INTELLIGENCE 1[−]
13 JanKey Insights on SHADOW-AETHER-015 and Earth Preta from the 2025 MITRE ATT&CK Evaluation with TrendAI Vision One™This blog discusses notable modern TTPs observed from SHADOW-AETHER-015 and Earth Preta, from TrendAI Research™ monitoring and TrendAI Vision One™ intelligence. These findings support the performance of TrendAI™ in the 2025 MITRE ATT&CK Evaluations.TRENDMICRO.COM
📡 INFOSEC NEWS 2[−]
13 JanWhen AI Gets Bullied: How Agentic Attacks Are Replaying Human Social EngineeringAI Security Insights – January 2026F5.COM
13 JanYour personal information is on the dark web. What happens next?If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what to do.WELIVESECURITY.COM