Microsoft has released its June 2026 Patch Tuesday security updates, addressing a hefty 198 vulnerabilities across its product ecosystem.
The June rollout, published on June 9, 2026, stands out not only for its volume but also for the inclusion of three zero-day vulnerabilities that were actively exploited or publicly known before a fix was available.
Administrators are urged to prioritize deployment, as customer action is required for every CVE in this cycle.
| Vulnerability Type | Count |
|---|---|
| Elevation of Privilege | 63 |
| Remote Code Execution | 54 |
| Spoofing | 27 |
| Information Disclosure | 26 |
| Security Feature Bypass | 18 |
| Denial of Service | 7 |
| Tampering | 3 |
| Total | 198 |
3 Zero-Days Patched
CVE-2026-50507 is a Windows BitLocker Security Feature Bypass rated Important. A successful bypass could allow an attacker with physical or local access to circumvent BitLocker’s full-disk encryption protections, undermining a control that many organizations treat as a last line of defense for lost or stolen devices.
CVE-2026-49160 is an HTTP.sys Denial of Service vulnerability affecting the HTTP/2 stack, also rated Important. Because HTTP.sys sits beneath IIS and other Windows networking services, a crafted request stream could knock exposed web-facing servers offline, making this a priority for internet-facing infrastructure.
The third zero-day, CVE-2026-45586, rounds out the trio of pre-disclosure flaws Microsoft confirmed were known to attackers ahead of patch availability. Together, the three underscore a recurring theme: encryption bypass, service disruption, and boot-path integrity remain favorite targets.
Critical RCE Vulnerabilities patched
Beyond the zero-days, this cycle contains 54 RCE vulnerabilities, of which a notable subset is rated Critical.
Remote Desktop Client received the most concentrated cluster of RCE patches, with 11 total CVEs, including Critical-rated CVE-2026-44801, CVE-2026-44799, CVE-2026-42992, and CVE-2026-42985.
Windows Hyper-V was also significantly impacted by Critical RCE vulnerabilities CVE-2026-47652, CVE-2026-45641, and CVE-2026-45607 all capable of allowing VM guest escape and code execution on the host.
Other Critical RCE highlights include:
- CVE-2026-47291 – HTTP.sys Remote Code Execution
- CVE-2026-47288 – Windows Kerberos KDC RCE (critical for Active Directory infrastructure)
- CVE-2026-45648 – Active Directory Domain Services RCE
- CVE-2026-32193 – Azure Kubernetes Service (AKS) RCE
- CVE-2026-26142 – Nuance PowerScribe RCE (healthcare environments)
Microsoft Office also shipped several Critical RCE patches, CVE-2026-45458 and CVE-2026-45456 (Outlook and Word), CVE-2026-45474, and CVE-2026-45472 all exploitable via malicious document delivery.
With 63 EoP vulnerabilities, privilege escalation dominates this patch cycle. Key components affected include Windows DWM Core Library (11 EoP CVEs), Windows Ancillary Function Driver for WinSock (7 CVEs), Windows Push Notifications (4 CVEs), and the Windows Kernel (CVE-2026-48583, CVE-2026-45653).
The Critical-rated Microsoft Cryptographic Services EoP (CVE-2026-44810) is particularly notable as it targets a foundational security subsystem. These EoP flaws are frequently chained with initial access exploits in multi-stage attack scenarios to gain SYSTEM-level control.
Windows Secure Boot received 8 Security Feature Bypass patches this month, continuing a trend of attacker investment in undermining pre-OS boot integrity.
Given three actively known zero-days and multiple Critical RCEs, security teams should test and deploy this month’s updates without delay, prioritizing BitLocker, HTTP.sys, Remote Desktop, and Hyper-V hosts. Where immediate patching is not possible, network segmentation and restricting RDP exposure can reduce risk until updates are applied.
Here is the full list of CVE’s
| CVE Number | CVE Title | Impact |
|---|---|---|
| CVE-2026-50508 | Windows NTLM Spoofing Vulnerability | Spoofing |
| CVE-2026-50507 | Windows BitLocker Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-49161 | Microsoft PC Manager Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-49160 | HTTP.sys Denial of Service Vulnerability | Denial of Service |
| CVE-2026-48583 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-48578 | Secure Boot Security Feature Bypass Vulnerability | Elevation of Privilege |
| CVE-2026-48576 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-48575 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-48574 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-48573 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-48570 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-48569 | Visual Studio Code Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-48568 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-48566 | Windows DWM Core Library Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-48565 | Windows Narrator Braille Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-48563 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-48562 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-48560 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47656 | Windows Boot Manager Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-47654 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-47653 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-47652 | Windows Hyper-V Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-47648 | Windows Storage Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-47643 | Azure Stack Edge Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-47641 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47640 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47639 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47638 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47637 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47636 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47635 | Microsoft Outlook and Word Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-47634 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47631 | Microsoft Exchange Server Spoofing Vulnerability | Spoofing |
| CVE-2026-47298 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-47293 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-47292 | Visual Studio Code MSSQL Extension Remote Code Execution Vulnerability | Elevation of Privilege |
| CVE-2026-47291 | HTTP.sys Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-47289 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-47288 | Windows Kerberos Key Distribution Center (KDC) Remote Code Execution | Remote Code Execution |
| CVE-2026-47287 | Visual Studio Code Tampering Vulnerability | Tampering |
| CVE-2026-47284 | Visual Studio Code Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-47281 | Visual Studio Code Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45658 | Windows BitLocker Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-45657 | Windows Kernel Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45656 | UEFI Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-45655 | Windows BitLocker Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-45654 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-45653 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45650 | Microsoft Bing Search Spoofing Vulnerability | Spoofing |
| CVE-2026-45649 | Office for Android Spoofing Vulnerability | Spoofing |
| CVE-2026-45648 | Windows Active Directory Domain Services Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45647 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45645 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45644 | Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45643 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45642 | Microsoft Azure Attestation Service Spoofing Vulnerability | Spoofing |
| CVE-2026-45641 | Windows Hyper-V Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45640 | Windows Bluetooth Port Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45639 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45638 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45637 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45636 | Windows NTFS Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45635 | Windows UPnP Device Host Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45634 | Windows DHCP Client Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45608 | Windows DHCP Client Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45607 | Windows Hyper-V Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45606 | Microsoft UxTheme Library Denial of Service Vulnerability | Denial of Service |
| CVE-2026-45605 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45604 | Windows Managed Installer Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45603 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45602 | Windows DHCP Tampering Vulnerability | Tampering |
| CVE-2026-45601 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45600 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45599 | Windows UPnP Device Host Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45598 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45597 | Windows UI Automation Manager Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45596 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45595 | Windows Mark of the Web Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-45594 | Windows Application Identity (AppID) Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45593 | Windows SDK Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45592 | Windows Internet (wininet.dll) Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45591 | ASP.NET Core Denial of Service Vulnerability | Denial of Service |
| CVE-2026-45588 | Secure Boot Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-45586 | Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45583 | Microsoft Exchange Server Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45504 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45503 | Microsoft Exchange Server Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45502 | Microsoft Exchange Server Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45501 | Microsoft Exchange Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45500 | Microsoft Exchange Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45491 | .NET Tampering Vulnerability | Tampering |
| CVE-2026-45490 | .NET SDK Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45487 | Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45486 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45485 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45484 | Microsoft SharePoint Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45483 | Microsoft Office Project Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45482 | Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-45481 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45479 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45476 | Microsoft Azure Network Adapter Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-45475 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45474 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45472 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45471 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45469 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45468 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45467 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45466 | Microsoft Word Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45465 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45464 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45463 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45462 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-45461 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45460 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45459 | Microsoft Excel Security Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-45458 | Microsoft Outlook and Word Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45457 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45456 | Microsoft Outlook and Word Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45455 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-45454 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-45453 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-44824 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44823 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44822 | Microsoft Excel Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-44821 | Microsoft Office Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-44820 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44819 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44818 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44817 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44815 | DHCP Client Service Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44814 | Windows DWM Core Library Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-44813 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-44812 | Windows Graphics Component Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44811 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-44810 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-44809 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-44808 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-44807 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-44805 | Windows Network Controller Host Agent Denial of Service Vulnerability | Denial of Service |
| CVE-2026-44804 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-44803 | Windows Graphics Component Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44802 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-44801 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-44799 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-42993 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-42992 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-42991 | Windows Push Notifications Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42989 | Winlogon Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42987 | Windows Deployment Services (WDS) Remote Code Execution | Remote Code Execution |
| CVE-2026-42986 | Microsoft Graphics Component Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42985 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-42984 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42983 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42981 | Windows Performance Monitor Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-42980 | NT OS Kernel Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42979 | Windows Push Notifications Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42978 | Windows Push Notifications Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42977 | Windows Push Notifications Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42974 | Windows Performance Monitor Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-42973 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42972 | Windows Hyper-V Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42971 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42970 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42969 | Windows Push Notification Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42968 | Windows Telephony Server Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42916 | NT OS Kernel Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42915 | Windows TCP/IP Denial of Service Vulnerability | Denial of Service |
| CVE-2026-42914 | Windows Kerberos Denial of Service Vulnerability | Denial of Service |
| CVE-2026-42913 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-42912 | Windows Telephony Service Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42911 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42910 | Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42909 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-42908 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42907 | Windows Shell Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42906 | Windows Shell Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42905 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42904 | Windows TCP/IP Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42903 | Windows Kerberos Denial of Service Vulnerability | Denial of Service |
| CVE-2026-42902 | Microsoft PowerToys Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42837 | Windows Projected File System Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42836 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-42835 | Microsoft Teams for Android Information Disclosure Vulnerability | Information Disclosure |
| CVE-2026-42829 | Windows Administrator Protection Secure Feature Bypass Vulnerability | Security Feature Bypass |
| CVE-2026-42828 | Windows Projected File System Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-41108 | Windows DNS Client Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-41098 | Azure Stack Edge Spoofing Vulnerability | Spoofing |
| CVE-2026-41092 | Microsoft Kinect Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-40409 | Windows Universal Disk Format File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-40404 | Windows Universal Disk Format File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-40376 | Visual Studio Code Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-40371 | Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-34335 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-33828 | Windows Device Health Attestation Elevation of Privilege Vulnerability | Elevation of Privilege |
| CVE-2026-33113 | Microsoft SharePoint Server Spoofing Vulnerability | Spoofing |
| CVE-2026-32193 | Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability | Remote Code Execution |
| CVE-2026-26142 | Nuance PowerScribe Remote Code Execution Vulnerability | Remote Code Execution |
Other Patch Tuesday Updates:
- Critical Veeam Vulnerability Allows RCE Attacks on Backup Servers
- Fortinet FortiSandbox Vulnerability Allows Attackers to Execute Unauthorized Commands
- Google Chrome 0-Day Vulnerability Exploited in the Wild — Update Now
- SAP Security Patch Day – Critical Vulnerabilities in SAP NetWeaver Patched
- Apache HTTP Server 2.4.68 Released With Fix For Use-After-Free, DoS, XSS, and Buffer Overflow Flaws
- Multiple VMware Stored XSS Vulnerabilities Allow Attackers to Inject Malicious Scripts
- UniFi OS Server Critical RCE Chain Allows Root Access Without Credentials
Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
The post Microsoft Patch Tuesday June 2026 – 198 Vulnerabilities Fixed, Including 3 Zero-days appeared first on Cyber Security News.
