Microsoft
Security Scorecard
Score
25F
Total CVEs
641
Patch Rate
28%
178 patched
Avg Response
1052d
days to patch
Critical Gaps
35
exploitable, no detection
Severity Breakdown
Critical17
High299
Medium264
Low40
Patch Status
Patched178 (28%)
Partial/Workaround31 (5%)
Unpatched432 (67%)
CVEs (645)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2026-20921 | Windows SMB Server Race Condition Vulnerability | High | 7.5 | - | Patched |
| CVE-2026-20922 | NTFS Heap Overflow Exploit | High | 7.8 | - | Patched |
| CVE-2026-20923 | Windows Management Services Use After Free Vulnerability | High | 7.8 | - | Patched |
| CVE-2026-20924 | Windows Management Services Local Privilege Escalation | High | 7.8 | - | Patched |
| CVE-2026-20925 | Windows NTLM Spoofing Vulnerability | Medium | 6.5 | - | Workaround |
| CVE-2026-20926 | Windows SMB Server Race Condition | High | 7.5 | - | Patched |
| CVE-2026-20927 | Windows SMB Server Race Condition | Medium | 5.3 | - | Patched |
| CVE-2026-20929 | Windows HTTP.sys Privilege Escalation | High | 7.5 | 0d | Unpatched |
| CVE-2026-20931 | Windows Telephony Service Privilege Escalation | High | 8.0 | - | Patched |
| CVE-2026-20932 | Windows File Explorer Vulnerability | Medium | 5.5 | - | Patched |