CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◆ Security Tools & Reviews Apr 15, 2026

Patch Tuesday - April 2026

Rapid7 Archived Apr 15, 2026 ✓ Full text saved

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday . Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation. So far this month, Microsoft has provided patches to address 80 browser vulnerabilities, which are not included in the Patch Tuesday count above. Increasing volumes of vulnerabilities Regular Patch Tue

Full text archived locally
✦ AI Summary · Claude Sonnet

    Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation. So far this month, Microsoft has provided patches to address 80 browser vulnerabilities, which are not included in the Patch Tuesday count above.Increasing volumes of vulnerabilitiesRegular Patch Tuesday watchers will know that these vulnerability totals are significantly higher than usual, especially the browser numbers. Late last week, Microsoft published patches to resolve more than 60 browser vulnerabilities in a single day, which is a new record in that very specific category. It might be tempting to imagine that this sudden spike was tied to the buzz around the announcement a week ago today of Project Glasswing, but this is not the case. Edge is based on the Chromium engine, and the Chromium maintainers acknowledge a wide range of researchers for the vulnerabilities which Microsoft republished last Friday. This reflects a significant industry-wide uptick in the volume of vulnerability reports over the past few weeks. A safe conclusion is that this increase in volume is driven by ever-expanding AI capabilities. We should expect to see further increases in vulnerability reporting volume as the impact of AI models extend further, both in terms of capability and availability.SharePoint: zero-day spoofingWhen everything is changing rapidly, it can be tempting to look to familiar things for comfort. SharePoint admins should start by addressing CVE-2026-32201, an exploited-in-the-wild spoofing vulnerability. The advisory doesn’t offer much detail, but does mention CWE-20: Improper Input Validation and low impact to confidentiality and integrity, with no impact to availability. Of course, the greatest attacker impact is typically achieved by chaining together multiple vulnerabilities that by themselves might not seem so bad.Ever-increasing novel AI capabilities in offensive cybersecurity now appear to provide real competition for all but the most elite human researchers; if it was ever valid to suppose that a vulnerability with a CVSS v3 base score of 6.5 was unlikely to cause much pain, it’s certainly not a safe defensive assumption in 2026. Patches are available for all supported versions of SharePoint, including SharePoint 2016, which moves beyond extended support on July 14, 2026.Defender: zero-day elevation of privilegeMicrosoft Defender receives a patch today for CVE-2026-33825, a local privilege escalation vulnerability for which Microsoft is aware of public disclosure. Successful exploitation leads to SYSTEM privileges, so this is certainly worth patching sooner rather than later. Microsoft points out that no action should be required to install this update, since the Microsoft Defender Antimalware Platform automatically updates by default. A further silver lining is that systems that have disabled Microsoft Defender are not in an exploitable state. Hopefully, any such system is running a suitable third-party replacement for Defender’s capabilities.Windows [I don’t like] IKE: zero-day pre-auth RCEThe Windows Internet Key Exchange (IKE) Services Extensions is the site of CVE-2026-33824, a critical unauthenticated remote code execution vulnerability. Exploitation requires an attacker to send specially crafted packets to a Windows machine with IKE v2 enabled, which could enable remote code execution. Vulnerabilities leading to unauthenticated RCE against modern Windows assets are relatively rare, or we’d see more wormable vulnerabilities self-propagating across the internet. However, since IKE provides secure tunnel negotiation services, for instance for VPNs, it is necessarily exposed to untrusted networks and reachable in a pre-authorization context. It’s hard to imagine this turning into a rampaging internet-wide worm, but there’s plenty of scope for initial access abuse, so this IKE vulnerability is still yikes.The advisory does contain a section with potential mitigations for anyone unable to patch immediately, which center on least-privilege restriction of relevant UDP traffic. This same portion of the advisory also furnishes a helpful link to the definition of the word “mitigations” in the MSDN glossary. All versions of Windows back as far as Server 2016 and Windows 10 1607 LTSC receive patches.The advisory credits both the WARP and MORSE (Microsoft Offensive Research & Security Engineering) teams at Microsoft. MORSE appears in Acknowledgements over the past few years, but today marks the first explicit mention of WARP in a Microsoft security advisory Acknowledgements section; we can speculate that WARP is an internal designator for the Microsoft Windows Enterprise Security Team.Microsoft lifecycle updateIn Microsoft lifecycle news, extended support ends April 14, 2026 for a wide range of Microsoft product legacy enterprise tools, including Dynamics C5 2016, Dynamics NAV 2016, App-V 5.0 and App-V 5.1, UE-V 2.1, and BitLocker Administration and Monitoring 2.5 SP1. Microsoft .NET 9 STS (Standard Term Support, as distinct from Long Term Support) was originally scheduled to move past the end of support in May 2026, but late last year, Microsoft granted a six-month extension, so that .NET 9 STS now reaches end of support on November 10, 2026.Summary charts Summary tablesAzure vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-32171Azure Logic Apps Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.8CVE-2026-32168Azure Monitor Agent Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32192Azure Monitor Agent Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32184Microsoft High Performance Compute (HPC) Pack Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8Developer Tools vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-32203.NET and Visual Studio Denial of Service VulnerabilityExploitation Less LikelyNo7.5CVE-2026-26171.NET Denial of Service VulnerabilityExploitation Less LikelyNo7.5CVE-2026-32226.NET Framework Denial of Service VulnerabilityExploitation Less LikelyNo5.9CVE-2026-23666.NET Framework Denial of Service VulnerabilityExploitation Less LikelyNo7.5CVE-2026-32178.NET Spoofing VulnerabilityExploitation Less LikelyNo7.5CVE-2026-33116.NET, .NET Framework, and Visual Studio Denial of Service VulnerabilityExploitation Less LikelyNo7.5CVE-2026-23653GitHub Copilot and Visual Studio Code Information Disclosure VulnerabilityExploitation Less LikelyNo5.7CVE-2026-32631GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashesExploitation Less LikelyNo7.4CVE-2026-21637HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error HandlersN/ANo7.5CVE-2026-26143Microsoft PowerShell Security Feature Bypass VulnerabilityExploitation Less LikelyNo7.8ESU vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-32072Active Directory Spoofing VulnerabilityExploitation Less LikelyNo6.2CVE-2026-32181Connected User Experiences and Telemetry Service Denial of Service VulnerabilityExploitation Less LikelyNo5.5CVE-2026-27924Desktop Window Manager Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32154Desktop Window Manager Elevation of Privilege VulnerabilityExploitation More LikelyNo7.8CVE-2026-27923Desktop Window Manager Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32155Desktop Window Manager Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32091Microsoft Brokering File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.4CVE-2026-26152Microsoft Cryptographic Services Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26155Microsoft Local Security Authority Subsystem Service Information Disclosure VulnerabilityExploitation Less LikelyNo6.5CVE-2026-27914Microsoft Management Console Elevation of Privilege VulnerabilityExploitation More LikelyNo7.8CVE-2026-25250MITRE: CVE-2026-25250 Secure Boot disable Eazy FixExploitation Less LikelyNo6.0CVE-2026-32081Package Catalog Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-26170PowerShell Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26183Remote Access Management service/API (RPC server) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32157Remote Desktop Client Remote Code Execution VulnerabilityExploitation Less LikelyNo8.8CVE-2026-26160Remote Desktop Licensing Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26159Remote Desktop Licensing Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26151Remote Desktop Spoofing VulnerabilityExploitation More LikelyNo7.1CVE-2026-32085Remote Procedure Call Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-0390UEFI Secure Boot Security Feature Bypass VulnerabilityExploitation More LikelyNo6.7CVE-2026-32212Universal Plug and Play (upnp.dll) Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32214Universal Plug and Play (upnp.dll) Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32079Web Account Manager Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-33104Win32k Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-33826Windows Active Directory Remote Code Execution VulnerabilityExploitation More LikelyNo8.0CVE-2026-26178Windows Advanced Rasterization Platform Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.8CVE-2026-32073Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26168Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26173Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26177Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26182Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-27922Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-33099Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-33100Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32088Windows Biometric Service Security Feature Bypass VulnerabilityExploitation Less LikelyNo6.1CVE-2026-27913Windows BitLocker Security Feature Bypass VulnerabilityExploitation More LikelyNo7.7CVE-2026-26175Windows Boot Manager Security Feature Bypass VulnerabilityExploitation Less LikelyNo4.6CVE-2026-26176Windows Client Side Caching driver (csc.sys) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27926Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32162Windows COM Elevation of Privilege VulnerabilityExploitation More LikelyNo8.4CVE-2026-20806Windows COM Server Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-32070Windows Common Log File System Driver Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-33098Windows Container Isolation FS Filter Driver Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-26153Windows Encrypted File System (EFS) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32087Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32093Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-32086Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32150Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-27931Windows GDI Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-27930Windows GDI Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-27906Windows Hello Security Feature Bypass VulnerabilityExploitation More LikelyNo4.4CVE-2026-26156Windows Hyper-V Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32149Windows Hyper-V Remote Code Execution VulnerabilityExploitation Less LikelyNo7.3CVE-2026-27910Windows Installer Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33824Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution VulnerabilityExploitation Less LikelyNo9.8CVE-2026-27912Windows Kerberos Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.0CVE-2026-26180Windows Kernel Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26163Windows Kernel Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32215Windows Kernel Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32217Windows Kernel Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32218Windows Kernel Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-26169Windows Kernel Memory Information Disclosure VulnerabilityExploitation More LikelyNo6.1CVE-2026-32071Windows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityExploitation Less LikelyNo7.5CVE-2026-27929Windows LUA File Virtualization Filter Driver Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-20930Windows Management Services Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26162Windows OLE Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32084Windows Print Spooler Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-27927Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26184Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32069Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32074Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32078Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26167Windows Push Notifications Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.8CVE-2026-32158Windows Push Notifications Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32159Windows Push Notifications Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32160Windows Push Notifications Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-26172Windows Push Notifications Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-20928Windows Recovery Environment Security Feature Bypass VulnerabilityExploitation Less LikelyNo4.6CVE-2026-27909Windows Search Service Elevation of Privilege VulnerabilityExploitation More LikelyNo7.8CVE-2026-26161Windows Sensor Data Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26174Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26154Windows Server Update Service (WSUS) Tampering VulnerabilityExploitation Less LikelyNo7.5CVE-2026-27918Windows Shell Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32151Windows Shell Information Disclosure VulnerabilityExploitation Less LikelyNo6.5CVE-2026-32225Windows Shell Security Feature Bypass VulnerabilityExploitation More LikelyNo8.8CVE-2026-32202Windows Shell Spoofing VulnerabilityExploitation More LikelyNo4.3CVE-2026-32082Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32083Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32068Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.0CVE-2026-32183Windows Snipping Tool Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33829Windows Snipping Tool Spoofing VulnerabilityExploitation UnlikelyNo4.3CVE-2026-32089Windows Speech Brokered Api Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32090Windows Speech Brokered Api Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32153Windows Speech Runtime Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33827Windows TCP/IP Remote Code Execution VulnerabilityExploitation Less LikelyNo8.1CVE-2026-27908Windows TDI Translation Driver (tdx.sys) Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-27921Windows TDI Translation Driver (tdx.sys) Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-27915Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27919Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32075Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-27916Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27920Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32077Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27925Windows UPnP Device Host Information Disclosure VulnerabilityExploitation Less LikelyNo6.5CVE-2026-32156Windows UPnP Device Host Remote Code Execution VulnerabilityExploitation Less LikelyNo7.4CVE-2026-32165Windows User Interface Core Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27911Windows User Interface Core Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32163Windows User Interface Core Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32164Windows User Interface Core Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-23670Windows Virtualization-Based Security (VBS) Security Feature Bypass VulnerabilityExploitation Less LikelyNo5.7CVE-2026-27917Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0Microsoft Dynamics vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-33103Microsoft Dynamics 365 (On-Premises) Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-26149Microsoft Power Apps Security Feature BypassExploitation Less LikelyNo9.0Microsoft Office vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-32188Microsoft Excel Information Disclosure VulnerabilityExploitation Less LikelyNo7.1CVE-2026-32189Microsoft Excel Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32197Microsoft Excel Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32198Microsoft Excel Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32199Microsoft Excel Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32190Microsoft Office Remote Code Execution VulnerabilityExploitation Less LikelyNo8.4CVE-2026-32200Microsoft PowerPoint Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-20945Microsoft SharePoint Server Spoofing VulnerabilityExploitation Less LikelyNo4.6CVE-2026-32201Microsoft SharePoint Server Spoofing VulnerabilityExploitation DetectedNo6.5CVE-2026-33822Microsoft Word Information Disclosure VulnerabilityExploitation Less LikelyNo6.1CVE-2026-33095Microsoft Word Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-23657Microsoft Word Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33114Microsoft Word Remote Code Execution VulnerabilityExploitation Less LikelyNo8.4CVE-2026-33115Microsoft Word Remote Code Execution VulnerabilityExploitation Less LikelyNo8.4Open Source Software vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-40386n/aNo4.0CVE-2026-40385n/aNo4.0CVE-2026-40393n/aNo8.1CVE-2026-31416netfilter: nfnetlink_log: account for netlink header sizen/aNo8.1CVE-2026-31423net/sched: sch_hfsc: fix divide-by-zero in rtsc_min()n/aNo5.5CVE-2026-31424netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARPn/aNo5.5CVE-2026-31417net/x25: Fix overflow when accumulating packetsn/aNo8.1CVE-2026-31422net/sched: cls_flow: fix NULL pointer dereference on shared blocksn/aNo5.5CVE-2026-31414netfilter: nf_conntrack_expect: use expect->helpern/aNo8.1CVE-2026-31427netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdpn/aNo7.8CVE-2026-31426ACPI: EC: clean up handlers on probe failure in acpi_ec_setup()n/aNo5.5CVE-2026-31419net: bonding: fix use-after-free in bond_xmit_broadcast()n/aNo7.1CVE-2026-31420bridge: mrp: reject zero test interval to avoid OOM panicn/aNo5.5CVE-2026-31421net/sched: cls_fw: fix NULL pointer dereference on shared blocksn/aNo5.5CVE-2026-31428netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOADn/aNo5.5CVE-2026-31418netfilter: ipset: drop logically empty buckets in mtype_deln/aNo8.1SQL Server vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-33120Microsoft SQL Server Remote Code Execution VulnerabilityExploitation Less LikelyNo8.8CVE-2026-32167SQL Server Elevation of Privilege VulnerabilityExploitation Less LikelyNo6.7CVE-2026-32176SQL Server Elevation of Privilege VulnerabilityExploitation Less LikelyNo6.7System Center vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-33825Microsoft Defender Elevation of Privilege VulnerabilityExploitation More LikelyYes7.8Windows vulnerabilitiesCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-32072Active Directory Spoofing VulnerabilityExploitation Less LikelyNo6.2CVE-2023-20585AMD: CVE-2023-20585 IOMMU Write Buffer VulnerabilityExploitation Less LikelyNo5.3CVE-2026-25184Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32181Connected User Experiences and Telemetry Service Denial of Service VulnerabilityExploitation Less LikelyNo5.5CVE-2026-27924Desktop Window Manager Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32152Desktop Window Manager Elevation of Privilege VulnerabilityExploitation More LikelyNo7.8CVE-2026-32154Desktop Window Manager Elevation of Privilege VulnerabilityExploitation More LikelyNo7.8CVE-2026-27923Desktop Window Manager Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32155Desktop Window Manager Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33096HTTP.sys Denial of Service VulnerabilityExploitation Less LikelyNo7.5CVE-2026-26181Microsoft Brokering File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32219Microsoft Brokering File System Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.0CVE-2026-32091Microsoft Brokering File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.4CVE-2026-26152Microsoft Cryptographic Services Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26155Microsoft Local Security Authority Subsystem Service Information Disclosure VulnerabilityExploitation Less LikelyNo6.5CVE-2026-27914Microsoft Management Console Elevation of Privilege VulnerabilityExploitation More LikelyNo7.8CVE-2026-25250MITRE: CVE-2026-25250 Secure Boot disable Eazy FixExploitation Less LikelyNo6.0CVE-2026-32081Package Catalog Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-26170PowerShell Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26183Remote Access Management service/API (RPC server) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32157Remote Desktop Client Remote Code Execution VulnerabilityExploitation Less LikelyNo8.8CVE-2026-26160Remote Desktop Licensing Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26159Remote Desktop Licensing Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26151Remote Desktop Spoofing VulnerabilityExploitation More LikelyNo7.1CVE-2026-32085Remote Procedure Call Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-0390UEFI Secure Boot Security Feature Bypass VulnerabilityExploitation More LikelyNo6.7CVE-2026-32220UEFI Secure Boot Security Feature Bypass VulnerabilityExploitation Less LikelyNo4.4CVE-2026-32212Universal Plug and Play (upnp.dll) Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32214Universal Plug and Play (upnp.dll) Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32079Web Account Manager Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-33104Win32k Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-33826Windows Active Directory Remote Code Execution VulnerabilityExploitation More LikelyNo8.0CVE-2026-32196Windows Admin Center Spoofing VulnerabilityExploitation Less LikelyNo6.1CVE-2026-26178Windows Advanced Rasterization Platform Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.8CVE-2026-32073Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26168Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26173Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26177Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26182Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-27922Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-33099Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-33100Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32088Windows Biometric Service Security Feature Bypass VulnerabilityExploitation Less LikelyNo6.1CVE-2026-27913Windows BitLocker Security Feature Bypass VulnerabilityExploitation More LikelyNo7.7CVE-2026-26175Windows Boot Manager Security Feature Bypass VulnerabilityExploitation Less LikelyNo4.6CVE-2026-26176Windows Client Side Caching driver (csc.sys) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27926Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32162Windows COM Elevation of Privilege VulnerabilityExploitation More LikelyNo8.4CVE-2026-20806Windows COM Server Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-32070Windows Common Log File System Driver Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-33098Windows Container Isolation FS Filter Driver Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-26153Windows Encrypted File System (EFS) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32087Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32093Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-32086Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32150Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-27931Windows GDI Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-27930Windows GDI Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32221Windows Graphics Component Remote Code Execution VulnerabilityExploitation Less LikelyNo8.4CVE-2026-27906Windows Hello Security Feature Bypass VulnerabilityExploitation More LikelyNo4.4CVE-2026-27928Windows Hello Security Feature Bypass VulnerabilityExploitation Less LikelyNo8.7CVE-2026-26156Windows Hyper-V Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32149Windows Hyper-V Remote Code Execution VulnerabilityExploitation Less LikelyNo7.3CVE-2026-27910Windows Installer Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33824Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution VulnerabilityExploitation Less LikelyNo9.8CVE-2026-27912Windows Kerberos Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.0CVE-2026-26179Windows Kernel Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26180Windows Kernel Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32195Windows Kernel Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26163Windows Kernel Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32215Windows Kernel Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32217Windows Kernel Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-32218Windows Kernel Information Disclosure VulnerabilityExploitation Less LikelyNo5.5CVE-2026-26169Windows Kernel Memory Information Disclosure VulnerabilityExploitation More LikelyNo6.1CVE-2026-32071Windows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityExploitation Less LikelyNo7.5CVE-2026-27929Windows LUA File Virtualization Filter Driver Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-20930Windows Management Services Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26162Windows OLE Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33101Windows Print Spooler Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32084Windows Print Spooler Information Disclosure VulnerabilityExploitation UnlikelyNo5.5CVE-2026-27927Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26184Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32069Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32074Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32078Windows Projected File System Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26167Windows Push Notifications Elevation of Privilege VulnerabilityExploitation Less LikelyNo8.8CVE-2026-32158Windows Push Notifications Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32159Windows Push Notifications Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32160Windows Push Notifications Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-26172Windows Push Notifications Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-20928Windows Recovery Environment Security Feature Bypass VulnerabilityExploitation Less LikelyNo4.6CVE-2026-32216Windows Redirected Drive Buffering System Denial of Service VulnerabilityExploitation Less LikelyNo5.5CVE-2026-27909Windows Search Service Elevation of Privilege VulnerabilityExploitation More LikelyNo7.8CVE-2026-26161Windows Sensor Data Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-26174Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32224Windows Server Update Service (WSUS) Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.0CVE-2026-26154Windows Server Update Service (WSUS) Tampering VulnerabilityExploitation Less LikelyNo7.5CVE-2026-26165Windows Shell Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-26166Windows Shell Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-27918Windows Shell Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32151Windows Shell Information Disclosure VulnerabilityExploitation Less LikelyNo6.5CVE-2026-32225Windows Shell Security Feature Bypass VulnerabilityExploitation More LikelyNo8.8CVE-2026-32202Windows Shell Spoofing VulnerabilityExploitation More LikelyNo4.3CVE-2026-32082Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32083Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32068Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.0CVE-2026-32183Windows Snipping Tool Remote Code Execution VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33829Windows Snipping Tool Spoofing VulnerabilityExploitation UnlikelyNo4.3CVE-2026-32089Windows Speech Brokered Api Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32090Windows Speech Brokered Api Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32153Windows Speech Runtime Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27907Windows Storage Spaces Controller Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32076Windows Storage Spaces Controller Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-33827Windows TCP/IP Remote Code Execution VulnerabilityExploitation Less LikelyNo8.1CVE-2026-27908Windows TDI Translation Driver (tdx.sys) Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-27921Windows TDI Translation Driver (tdx.sys) Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-27915Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27919Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32075Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation More LikelyNo7.0CVE-2026-27916Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27920Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-32077Windows UPnP Device Host Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27925Windows UPnP Device Host Information Disclosure VulnerabilityExploitation Less LikelyNo6.5CVE-2026-32156Windows UPnP Device Host Remote Code Execution VulnerabilityExploitation Less LikelyNo7.4CVE-2026-32223Windows USB Printing Stack (usbprint.sys) Elevation of Privilege VulnerabilityExploitation Less LikelyNo6.8CVE-2026-32165Windows User Interface Core Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-27911Windows User Interface Core Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32163Windows User Interface Core Elevation of Privilege VulnerabilityExploitation UnlikelyNo7.8CVE-2026-32164Windows User Interface Core Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8CVE-2026-23670Windows Virtualization-Based Security (VBS) Security Feature Bypass VulnerabilityExploitation Less LikelyNo5.7CVE-2026-32080Windows WalletService Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-27917Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.0CVE-2026-32222Windows Win32k Elevation of Privilege VulnerabilityExploitation Less LikelyNo7.8Zero-Day Vulnerabilities: Known ExploitedCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-32201Microsoft SharePoint Server Spoofing VulnerabilityExploitation DetectedNo6.5Zero-Day Vulnerabilities: Publicly Disclosed (No known exploitation)CVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-33825Microsoft Defender Elevation of Privilege VulnerabilityExploitation More LikelyYes7.8Critical RCEs and EoPsCVETitleExploitation statusPublicly disclosed?CVSS v3 base scoreCVE-2026-33824Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution VulnerabilityExploitation Less LikelyNo9.8Article TagsPatch TuesdayVulnerability ManagementAdam BarnettAuthor PostsRelated blog postsExposure ManagementPatch Tuesday - March 2026Adam BarnettExposure ManagementPatch Tuesday - February 2026Adam BarnettVulnerabilities and ExploitsPatch Tuesday and the Enduring Challenge of Windows’ Backwards CompatibilityAdam BarnettExposure ManagementPatch Tuesday - January 2026Adam BarnettSee all posts
    💬 Team Notes
    Article Info
    Source
    Rapid7
    Category
    ◆ Security Tools & Reviews
    Published
    Apr 15, 2026
    Archived
    Apr 15, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗