Nye sårbarheter

Sikkerhetsoppdateringer (CVE)

Hva er CVE? CVE er en internasjonal liste over kjente sårbarheter i programvare og maskinvare.
Vi velger å liste opp sårbarheter for Microsoft og FortiNet produkter her.

Microsoft og FortiNet sårbarheter siste 30 dager AKTIV OVERVÅKNING
MICROSOFT CVSS: 7.8
EUVD-2026-37141
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.
Publisert: 16.06.2026SE DETALJER →
MICROSOFT CVSS: 6.2
EUVD-2026-35675
Microsoft Security Advisory CVE-2026-45491 – .NET Tampering Vulnerability
Publisert: 16.06.2026SE DETALJER →
MICROSOFT CVSS: 10.0
? EUVD-2026-34333
KRITISK: Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.
Publisert: 04.06.2026SE DETALJER →
MICROSOFT CVSS: 9.1
? EUVD-2026-34338
KRITISK: Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network.
Publisert: 04.06.2026SE DETALJER →
MICROSOFT CVSS: 6.5
EUVD-2026-34334
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Publisert: 04.06.2026SE DETALJER →
MICROSOFT CVSS: 7.7
EUVD-2026-34335
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.
Publisert: 04.06.2026SE DETALJER →
MICROSOFT CVSS: 7.8
EUVD-2026-35762
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Publisert: 09.06.2026SE DETALJER →
MICROSOFT CVSS: 7.8
EUVD-2026-35761
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Publisert: 09.06.2026SE DETALJER →
MICROSOFT CVSS: 7.8
EUVD-2026-35759
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Publisert: 09.06.2026SE DETALJER →
MICROSOFT CVSS: 7.5
EUVD-2026-35760
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Publisert: 09.06.2026SE DETALJER →
MICROSOFT CVSS: 8.1
EUVD-2026-35757
Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.
Publisert: 09.06.2026SE DETALJER →
MICROSOFT CVSS: 7.8
EUVD-2026-35758
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Publisert: 09.06.2026SE DETALJER →
MICROSOFT CVSS: 7.5
EUVD-2026-35755
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Publisert: 09.06.2026SE DETALJER →
MICROSOFT CVSS: 8.8
EUVD-2026-35756
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
Publisert: 09.06.2026SE DETALJER →
MICROSOFT CVSS: 5.5
EUVD-2026-35754
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
Publisert: 09.06.2026SE DETALJER →
FORTINET CVSS: 9.1
? EUVD-2026-35443
KRITISK: A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests
Publisert: 09.06.2026SE DETALJER →
FORTINET CVSS: 6.0
EUVD-2025-210085
An Internal Asset Exposed to Unsafe Debug Access Level or State vulnerability [CWE-1244] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0 all versions may allow an authenticated admin to execute lua scripts via crafted CLI commands.
Publisert: 09.06.2026SE DETALJER →
FORTINET CVSS: 6.2
EUVD-2026-35442
A improper access control vulnerability in Fortinet FortiPortal 7.4.0 through 7.4.7, FortiPortal 7.2.0 through 7.2.8, FortiPortal 7.0 all versions may allow attacker to improper access control via
Publisert: 09.06.2026SE DETALJER →
Trykk send inn, så sender vi deg oversikt over siste sårbarheter.