June Patch Tuesday smashes past 500-CVE mark

AndyC 17 June 2026

Critical severity

CVE-2026-33828
Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability

CVE-2026-42985
Remote Desktop Client Remote Code Execution Vulnerability

CVE-2026-42987
Windows Deployment Services (WDS) Remote Code Exec

Critical severity CVE-2026-33828 Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability CVE-2026-42985 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-42987 Windows Deployment Services (WDS) Remote Code Execution CVE-2026-42992 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-44799 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-44801 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability CVE-2026-44810 Microsoft Cryptographic Services Elevation of Privilege Vulnerability CVE-2026-44812 Windows Graphics Component Remote Code Execution Vulnerability CVE-2026-44815 DHCP Client Service Remote Code Execution Vulnerability CVE-2026-45607 Windows Hyper-V Remote Code Execution Vulnerability CVE-2026-45641 Windows Hyper-V Remote Code Execution Vulnerability CVE-2026-45648 Windows Active Directory Domain Services Remote Code Execution Vulnerability CVE-2026-45657 Windows Kernel Remote Code Execution Vulnerability CVE-2026-47288 Windows Kerberos Key Distribution Center (KDC) Remote Code Execution CVE-2026-47289 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-47291 HTTP.sys Remote Code Execution Vulnerability CVE-2026-47652 Windows Hyper-V Remote Code Execution Vulnerability CVE-2026-47654 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-48563 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-48574 Windows Media Remote Code Execution Vulnerability Important severity CVE-2020-17103 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability CVE-2026-34335 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-40404 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability CVE-2026-40409 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability CVE-2026-41092 Microsoft Kinect Elevation of Privilege Vulnerability CVE-2026-41108 Windows DNS Client Elevation of Privilege Vulnerability CVE-2026-42828 Windows Projected File System Elevation of Privilege Vulnerability CVE-2026-42829 Windows Administrator Protection Secure Feature Bypass Vulnerability CVE-2026-42836 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability CVE-2026-42837 Windows Projected File System Elevation of Privilege Vulnerability CVE-2026-42903 Windows Kerberos Denial of Service Vulnerability CVE-2026-42904 Windows TCP/IP Elevation of Privilege Vulnerability CVE-2026-42905 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-42906 Windows Shell Information Disclosure Vulnerability CVE-2026-42907 Windows Shell Information Disclosure Vulnerability CVE-2026-42908 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability CVE-2026-42909 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-42910 Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability CVE-2026-42911 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-42912 Windows Telephony Service Elevation of Privilege Vulnerability CVE-2026-42913 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-42914 Windows Kerberos Denial of Service Vulnerability CVE-2026-42915 Windows TCP/IP Denial of Service Vulnerability CVE-2026-42916 NT OS Kernel Elevation of Privilege Vulnerability CVE-2026-42968 Windows Telephony Server Information Disclosure Vulnerability CVE-2026-42969 Windows Push Notification Information Disclosure Vulnerability CVE-2026-42970 Windows Push Notification Information Disclosure Vulnerability CVE-2026-42971 Windows Push Notification Information Disclosure Vulnerability CVE-2026-42972 Windows Hyper-V Information Disclosure Vulnerability CVE-2026-42973 Windows Push Notification Information Disclosure Vulnerability CVE-2026-42974 Windows Performance Monitor Remote Code Execution Vulnerability CVE-2026-42977 Windows Push Notifications Elevation of Privilege Vulnerability CVE-2026-42978 Windows Push Notifications Elevation of Privilege Vulnerability CVE-2026-42979 Windows Push Notifications Elevation of Privilege Vulnerability CVE-2026-42980 NT OS Kernel Elevation of Privilege Vulnerability CVE-2026-42981 Windows Performance Monitor Remote Code Execution Vulnerability CVE-2026-42983 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-42984 Windows Kernel Elevation of Privilege Vulnerability CVE-2026-42986 Microsoft Graphics Component Elevation of Privilege Vulnerability CVE-2026-42989 Winlogon Elevation of Privilege Vulnerability CVE-2026-42991 Windows Push Notifications Elevation of Privilege Vulnerability CVE-2026-42993 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-44802 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-44804 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-44805 Windows Network Controller (NC) Host Agent Denial of Service Vulnerability CVE-2026-44807 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-44808 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-44809 Windows Common Log File System Driver Elevation of Privilege Vulnerability CVE-2026-44811 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-44813 Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2026-44814 Windows DWM Core Library Information Disclosure  Vulnerability CVE-2026-45487 Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability CVE-2026-45585 Windows BitLocker Security Feature Bypass Vulnerability CVE-2026-45586 Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability CVE-2026-45588 Secure Boot Security Feature Bypass Vulnerability CVE-2026-45592 Windows Internet (wininet.dll) Elevation of Privilege Vulnerability CVE-2026-45593 Windows SDK Elevation of Privilege Vulnerability CVE-2026-45594 Windows Application Identity (AppID) Information Disclosure Vulnerability CVE-2026-45595 Windows Mark of the Web Security Feature Bypass Vulnerability CVE-2026-45596 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-45597 Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability CVE-2026-45598 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-45599 Windows UPnP Device Host Remote Code Execution Vulnerability CVE-2026-45600 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability CVE-2026-45601 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability CVE-2026-45603 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-45604 Windows Managed Installer Information Disclosure Vulnerability CVE-2026-45605 Windows Bluetooth Service Elevation of Privilege Vulnerability CVE-2026-45606 Microsoft UxTheme Library (uxtheme.dll) Denial of Service Vulnerability CVE-2026-45608 Windows DHCP Client Information Disclosure Vulnerability CVE-2026-45634 Windows DHCP Client Information Disclosure Vulnerability CVE-2026-45635 Windows UPnP Device Host Remote Code Execution Vulnerability CVE-2026-45636 Windows NTFS Remote Code Execution Vulnerability CVE-2026-45637 Microsoft DWM Core Library Elevation of Privilege Vulnerability CVE-2026-45638 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2026-45639 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability CVE-2026-45640 Windows Bluetooth Port Driver Elevation of Privilege Vulnerability CVE-2026-45642 Microsoft Azure Attestation service and Device Health Attestation Service Spoofing Vulnerability CVE-2026-45653 Windows Kernel Elevation of Privilege Vulnerability CVE-2026-45654 Secure Boot Security Feature Bypass Vulnerability CVE-2026-45655 Windows BitLocker Security Feature Bypass Vulnerability CVE-2026-45656 UEFI Secure Boot Security Feature Bypass Vulnerability CVE-2026-45658 Windows BitLocker Security Feature Bypass Vulnerability CVE-2026-47648 Windows Storage Elevation of Privilege Vulnerability CVE-2026-47653 Remote Desktop Client Remote Code Execution Vulnerability CVE-2026-47656 Windows Boot Manager Security Feature Bypass Vulnerability CVE-2026-48566 Windows DWM Core Library Information Disclosure  Vulnerability CVE-2026-48568 Secure Boot Security Feature Bypass Vulnerability CVE-2026-48570 Secure Boot Security Feature Bypass Vulnerability CVE-2026-48573 Secure Boot Security Feature Bypass Vulnerability CVE-2026-48575 Secure Boot Security Feature Bypass Vulnerability CVE-2026-48576 Secure Boot Security Feature Bypass Vulnerability CVE-2026-48578 Secure Boot Security Feature Bypass Vulnerability CVE-2026-48583 Windows Kernel Elevation of Privilege Vulnerability CVE-2026-49160 HTTP.sys Denial of Service Vulnerability CVE-2026-50507 Windows BitLocker Security Feature Bypass Vulnerability CVE-2026-50508 Windows NTLM Spoofing Vulnerability

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

What do you feel about this?

More Stories

Suspected North Korean actors use fake ‘coding assignments’ to steal crypto

Suspected North Korean actors use fake ‘coding assignments’ to steal crypto

AndyC 17 June 2026
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa

China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa

AndyC 17 June 2026
Infinite Campus: Salesforce Breach Exposed 137,000 Staff Records

Infinite Campus: Salesforce Breach Exposed 137,000 Staff Records

AndyC 17 June 2026
Best Prime Day Tech Deals: Apple, Bose, Garmin, and More

Best Prime Day Tech Deals: Apple, Bose, Garmin, and More

AndyC 17 June 2026
ShinyHunters Claims Council of Europe HR Data, Threatens Leak

ShinyHunters Claims Council of Europe HR Data, Threatens Leak

AndyC 17 June 2026
Nintendo Alleged Data Breach: Threat Actor Demands M Ransom

Nintendo Alleged Data Breach: Threat Actor Demands $2M Ransom

AndyC 17 June 2026

You may have missed

Smashing Security podcast #471: This AI worm just rewrote its own rules

Smashing Security podcast #471: This AI worm just rewrote its own rules

AndyC 17 June 2026
Smashing Security podcast #471: This AI worm just rewrote its own rules

Smashing Security podcast #471: This AI worm just rewrote its own rules

AndyC 17 June 2026
Smashing Security podcast #471: This AI worm just rewrote its own rules

Smashing Security podcast #471: This AI worm just rewrote its own rules

AndyC 17 June 2026
Why schools remain one of cybercriminals’ favourite targets

Why schools remain one of cybercriminals’ favourite targets

AndyC 17 June 2026
Microsoft launches Copilot Cowork with usage-based pricing

Who Runs the Ransomware Group ‘The Gentlemen?’

AndyC 17 June 2026

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.