CVE-2026-21226: Azure Core shared client library for Python Remote Code Execution Vulnerability

CVE-2026-20941: Host Process for Windows Tasks Elevation of Privilege Vulnerability

CVE-2026-20958: Microsoft SharePoint Information Disclosure Vulnerability

CVE-2026-20957: Microsoft Excel Remote Code Execution Vulnerability

CVE-2026-20952: Microsoft Office Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Headline

CVE-2026-20860: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News