{"resultsPerPage":3,"startIndex":0,"totalResults":3,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-17T20:25:19.942","vulnerabilities":[{"cve":{"id":"CVE-2020-17103","sourceIdentifier":"secure@microsoft.com","published":"2020-12-10T00:15:14.357","lastModified":"2026-05-16T14:16:37.193","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability"},{"lang":"es","value":"Vulnerabilidad de Elevación de Privilegios en el Controlador de Mini-Filtros de Archivos en Windows Cloud. Este CVE ID es diferente de CVE-2020-17134, CVE-2020-17136"}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*","matchCriteriaId":"21540673-614A-4D40-8BD7-3F07723803B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*","matchCriteriaId":"9E2C378B-1507-4C81-82F6-9F599616845A"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*","matchCriteriaId":"7CB85C75-4D35-480E-843D-60579EC75FCB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*","matchCriteriaId":"6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*","matchCriteriaId":"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*","matchCriteriaId":"E9273B95-20ED-4547-B0A8-95AD15B30372"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*","matchCriteriaId":"AAE74AF3-C559-4645-A6C0-25C3D647AAC8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*","matchCriteriaId":"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*","matchCriteriaId":"4A190388-AA82-4504-9D5A-624F23268C9F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*","matchCriteriaId":"5B921FDB-8E7D-427E-82BE-4432585080CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*","matchCriteriaId":"C253A63F-03AB-41CB-A03A-B2674DEA98AA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*","matchCriteriaId":"0B60D940-80C7-49F0-8F4E-3F99AC15FA82"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79EE26-FC32-417D-A49C-A1A63165A968"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17103","source":"secure@microsoft.com"},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17103","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://github.com/Nightmare-Eclipse/MiniPlasma","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-46333","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-15T14:16:35.793","lastModified":"2026-05-16T13:16:16.810","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner 'get_dumpable()' logic\n\nThe 'dumpability' of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don't have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses 'dumpable' to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS).  Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt's not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn't make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don't have a\nMM pointer, we'll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"http://www.openwall.com/lists/oss-security/2026/05/15/9","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-4202","sourceIdentifier":"security@wordfence.com","published":"2026-05-16T13:16:16.073","lastModified":"2026-05-16T13:16:16.073","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"The Multicollab: Content Team Collaboration and Editorial Workflow plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'cf_add_comment' function in all versions up to, and including, 5.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to add comments to arbitrary collaborations."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security@wordfence.com","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/commenting-feature/tags/4.8.1/admin/classes/class-commenting-block-admin.php#L1239","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset/3519252/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/08ec2376-dfe3-4aeb-8173-01e88309f540?source=cve","source":"security@wordfence.com"}]}}]}