Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Intel Corporation

#6dda929c-bb53-4a77-a76d-48e79601a1ce
PolicyEmail

Short Name

intel

Program Role

CNA

Top Level Root

MITRE Corporation

Security Advisories

View Advisories

Domain

intel.com

Country

USA

Scope

Intel branded products and technologies and Intel managed open source projects.
Reported CVEsVendorsProductsReports
4155Vulnerabilities found
CVE-2026-20767
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.5||HIGH
EPSS-0.02% / 6.39%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 17:33
Updated-15 May, 2026 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2026-20714
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.5||HIGH
EPSS-0.01% / 2.89%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 17:31
Updated-15 May, 2026 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-36515
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 3.31%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:35
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some AI Playground software before version 3.0.0 alpha within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-AI Playground software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-36510
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.02% / 3.71%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:35
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions for some Display Virtualization for Windows OS driver software within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Display Virtualization for Windows OS driver software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-35991
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.02% / 4.46%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:35
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel platforms
CWE ID-CWE-665
Improper Initialization
CVE-2025-35990
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.04% / 12.58%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:35
Updated-13 May, 2026 | 03:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel Endpoint Management Assistant (EMA) software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via adjacent access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel Endpoint Management Assistant (EMA) software
CWE ID-CWE-20
Improper Input Validation
CVE-2025-35979
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.02% / 4.19%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:35
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Processors
CWE ID-CWE-1423
Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution
CVE-2025-35969
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 3.31%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:35
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Server Firmware Update Utility Software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-27723
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.02% / 3.71%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:35
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free for some Linux kernel driver for the Intel(R) Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (high) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Ethernet 800 series
CWE ID-CWE-416
Use After Free
CVE-2026-20914
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 2.83%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:35
Updated-15 May, 2026 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 2.6.0 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-20905
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.02% / 3.62%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-15 May, 2026 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) QAT software drivers for Windows before version 2.6 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2026-20887
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.27% / 50.34%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially occur via network access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (low) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel Vision software
CWE ID-CWE-284
Improper Access Control
CVE-2026-20881
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 2.83%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-15 May, 2026 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Divide by zero for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-369
Divide By Zero
CVE-2026-20879
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.3||HIGH
EPSS-0.02% / 4.42%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-12 May, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data corruption. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (high) and availability (high) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Data Center Graphics Driver for VMware ESXi software
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20794
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-9.3||CRITICAL
EPSS-0.02% / 5.65%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-13 May, 2026 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Data Center Graphics Driver for VMware ESXi software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-20793
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.01% / 2.95%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-15 May, 2026 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unchecked return value for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-252
Unchecked Return Value
CVE-2026-20782
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.01% / 2.52%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-15 May, 2026 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-20772
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 3.31%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-13 May, 2026 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some Intel(R) Connectivity Performance Suite software installers before version 50.25.1121.193 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Connectivity Performance Suite software installers
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2026-20771
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.01% / 2.52%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-15 May, 2026 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-20754
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.02% / 3.71%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) NPU Drivers
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2026-20753
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.02% / 5.65%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-13 May, 2026 | 03:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts.

Action-Not Available
Vendor-n/a
Product-Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts.
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2026-20751
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.3||HIGH
EPSS-0.02% / 4.42%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-12 May, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (none) and availability (high) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Data Center Graphics Driver for VMware ESXi software
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-20738
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.5||HIGH
EPSS-0.02% / 3.75%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-13 May, 2026 | 03:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) QuickAssist Adapter 8960 software
CWE ID-CWE-822
Untrusted Pointer Dereference
CVE-2026-20718
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 1.78%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-13 May, 2026 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) NPU Driver software installers
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2026-20717
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.02% / 3.62%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:34
Updated-15 May, 2026 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-quickassist_technologyIntel(R) QAT software drivers for Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2026-20709
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.8||MEDIUM
EPSS-0.02% / 5.21%
||
7 Day CHG~0.00%
Published-08 Apr, 2026 | 18:20
Updated-08 Apr, 2026 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of Default Cryptographic Key in the hardware for some Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Pentium(R) Processor Silver Series, Intel(R) Celeron(R) Processor J Series, Intel(R) Celeron(R) Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via physical access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (none) impacts.
CWE ID-CWE-1394
Use of Default Cryptographic Key
CVE-2025-22850
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.01% / 3.36%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-11 Mar, 2026 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2025-22444
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.02% / 5.58%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-11 Mar, 2026 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exposure of resource to wrong sphere in the UEFI PdaSmm module for some Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2025-20105
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.04% / 14.15%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-12 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts.
CWE ID-CWE-20
Improper Input Validation
CVE-2025-20073
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-1.8||LOW
EPSS-0.02% / 5.58%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-11 Mar, 2026 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in the UEFI DXE module for some Intel(R) Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Reference Platforms
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-20068
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.04% / 11.98%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-12 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CWE ID-CWE-20
Improper Input Validation
CVE-2025-20064
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.03% / 7.89%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-12 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the UEFI FlashUcAcmSmm module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts.
CWE ID-CWE-20
Improper Input Validation
CVE-2025-20028
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.01% / 3.36%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-12 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Time-of-check time-of-use race condition in the WheaERST SMM module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2025-20027
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-7.1||HIGH
EPSS-0.04% / 11.98%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-12 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the UEFI WheaERST module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CWE ID-CWE-20
Improper Input Validation
CVE-2025-20005
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.02% / 5.58%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:49
Updated-12 Mar, 2026 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer restrictions in some UEFI firmware for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-20096
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.01% / 1.81%
||
7 Day CHG~0.00%
Published-10 Mar, 2026 | 22:31
Updated-12 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (high) and availability (high) impacts.

Action-Not Available
Vendor-n/a
Product-Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (high) and availability (high) impacts.
CWE ID-CWE-20
Improper Input Validation
CVE-2025-36522
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 2.28%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:26
Updated-10 Feb, 2026 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions for some Intel(R) Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Chipset Software
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-36511
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 0.24%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:26
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions for some Intel(R) Memory and Storage Tool before version 2.5.2 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Memory and Storage Tool
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-35999
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:26
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect permission assignment for critical resource for some System Firmware Update Utility (SysFwUpdt) for Intel(R) Server Boards and Intel(R) Server Systems Based before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires passive user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-System Firmware Update Utility (SysFwUpdt) for Intel(R) Server Boards and Intel(R) Server Systems Based
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2025-35998
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-7||HIGH
EPSS-0.01% / 0.36%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:26
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Missing protection mechanism for alternate hardware interface in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) Platforms
CWE ID-CWE-1299
Missing Protection Mechanism for Alternate Hardware Interface
CVE-2025-35992
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.02% / 5.41%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-10 Feb, 2026 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) NPU Drivers
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-33030
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-2||LOW
EPSS-0.01% / 0.43%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data corruption. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) NPU Drivers
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-32739
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-2||LOW
EPSS-0.02% / 5.54%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-20 Apr, 2026 | 12:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in some firmware for some Intel(R) Graphics Drivers and Intel LTS kernels within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-arc_b370core_ultra_3_105ulcore_ultra_5_332core_ultra_7_255hxarc_130vcore_ultra_5_235hxarc_a550mcore_ultra_7_255ucore_ultra_7_256vgraphics_driverarc_a730mcore_ultra_9_275hxcore_ultra_5_235hcore_ultra_9_185harc_a350mcore_ultra_9_285arc_a770mcore_ultra_7_265core_ultra_7_155hlcore_ultra_9_285kcore_ultra_9_285harc_a380arc_pro_b60core_ultra_5_225hcore_ultra_5_115ucore_ultra_5_245core_ultra_5_238vcore_ultra_7_165uarc_130tcore_ultra_5_235tgraphics_softwarecore_ultra_7_265harc_a310core_ultra_5_125hcore_ultra_7_165ulcore_ultra_5_245tcore_ultra_7_265hxcore_ultra_5_325core_ultra_5_228vcore_ultra_5_245kcore_ultra_5_135ularc_a770core_ultra_7_268vcore_ultra_7_265tcore_ultra_5_235core_ultra_7_365arc_a580arc_pro_b50arc_b580core_ultra_7_165hcore_ultra_5_135hlarc_140vcore_ultra_7_265ucore_ultra_5_135hcore_ultra_7_155hlinux_intel_lts_kernelarc_a570mcore_ultra_7_164ucore_ultra_7_265karc_a530mcore_ultra_5_225core_ultra_7_255harc_b570core_ultra_5_236vcore_ultra_5_225ucore_ultra_7_155ularc_a370mcore_ultra_5_125hlcore_ultra_7_258vcore_ultra_5_225tcore_ultra_7_165hlcore_ultra_7_356hcore_ultra_x7_358hcore_ultra_9_386hcore_ultra_9_285tcore_ultra_5_226vcore_ultra_5_336hcore_ultra_7_155ucore_ultra_5_338hcore_ultra_5_235ucore_ultra_5_335core_ultra_x9_388harc_b390core_ultra_7_366hcore_ultra_7_355core_ultra_9_285hxarc_140tcore_ultra_7_266vcore_ultra_9_288vcore_ultra_5_125ulcore_ultra_5_125ucore_ultra_5_134ucore_ultra_5_135ucore_ultra_5_322core_ultra_5_245hxarc_a750Intel(R) Graphics Drivers and Intel LTS kernels
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-32735
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.02% / 5.41%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-10 Feb, 2026 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) NPU Drivers
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-32467
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.02% / 4.39%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-10 Feb, 2026 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-TDX Module
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2025-32453
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 0.24%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-20 Apr, 2026 | 12:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i3-7300tcore_i5-10600kcore_i3-10110ycore_ultra_5_235hxgraphics_drivercore_i7-8700bcore_i9-10900fcore_i5-10400tcore_i7-8700tcore_ultra_5_235hcore_i7-8665uecore_m3-7y30core_i3-10305core_i7-9700fcore_i9-10900tcore_i5-7500tcore_i9-10885hcore_i3-10320core_ultra_7_155hlcore_i3-8300iris_plus_graphics_640core_i7-8550ucore_i7-1065g7graphics_softwarecore_ultra_7_265harc_a310uhd_graphics_600uhd_graphicscore_i7-8086kcore_i3-8121ucore_i3-7320core_i5-8365ucore_i7-7820hqcore_i9-9900tcore_i5-8350ucore_i5-8500core_i5-1030g7core_i5-8279ucore_i7-7500ucore_i5-10210ycore_i3-1000g4core_i7-10700fcore_i3-8100hcore_i5-10600tlinux_intel_lts_kernelcore_i5-7300ucore_i5-7360ucore_ultra_7_255hcore_i5-8300hcore_ultra_5_125hlcore_ultra_7_258vcore_ultra_5_225tcore_ultra_7_356huhd_graphics_750core_i5-8305gcore_i7-10610ucore_ultra_7_155ucore_i5-7600core_m3-7y32arc_b390core_i7-7660ucore_ultra_7_366hcore_i7-10870hcore_i7-9700kcore_ultra_9_285hxcore_i3-8100bcore_ultra_7_266vcore_ultra_9_288vcore_i7-10700tcore_ultra_5_135ucore_i7-7560ucore_i7-7920hqiris_plus_graphics_645core_i7-10700core_ultra_5_322core_ultra_5_245hxcore_i7-1060ng7uhd_graphics_610arc_b370core_ultra_5_332core_i7-8706gcore_i9-9900karc_130vcore_ultra_7_256vcore_ultra_9_275hxcore_ultra_9_185hcore_i5-8259ucore_i7-10700kfcore_i3-10325core_i5-7500core_i3-1000g1core_i3-7102earc_a770mcore_i9-10850karc_a380core_i3-7100tcore_i7-10850hcore_i7-7700kcore_i9-10900tecore_i3-8300tcore_ultra_5_245core_i5-10505core_i7-10810ucore_i5-10210ucore_i5-7200ucore_i9-10980hkcore_i3-7100ucore_i5-10400core_i7-10510ucore_ultra_7_165ulcore_i9-10900core_ultra_5_245tcore_i3-10100core_i3-10100ecore_i7-9700tecore_i7-8569ucore_i3-1000ng4core_i5-7440hqcore_i3-7100core_i3-8109ucore_i3-8145ucore_ultra_7_265tcore_i5-1038ng7core_i5-7400core_i7-8750hcore_ultra_7_365core_i5-10600kfcore_i5-8250uarc_pro_b50arc_b580core_i7-8705ghd_graphics_610core_i3-7100hcore_ultra_7_265ucore_i7-8850hcore_ultra_5_135harc_a570mcore_ultra_7_164ucore_i5-1035g7core_i7-7600uuhd_graphics_620uhd_graphics_630core_ultra_5_236vcore_ultra_5_225ucore_ultra_7_155ulcore_i3-7101tecore_i7-9700tcore_i7-7820eqcore_ultra_5_338hcore_i7-10700tehd_graphics_630uhd_graphics_615core_ultra_7_355core_i3-7101earc_140tcore_i9-10900ecore_i3-10100tcore_ultra_5_134ucore_i5-8500tcore_i5-10500hcore_i7-9750hfcore_i5-10200hcore_i5-7y57arc_a750core_i5-10400hcore_ultra_3_105ulcore_ultra_7_255hxcore_i7-10510ycore_i5-8600core_i5-7442eqcore_i5-7267ucore_i7-10700earc_a730mcore_i3-8100hd_graphics_620core_i5-8500bcore_i7-8557ucore_i7-10750hcore_i5-7600kcore_i7-10875hcore_i7-8700iris_plus_graphics_655core_ultra_9_285core_i7-1060g7core_ultra_7_265core_ultra_9_285hcore_i3-7167ucore_i7-9700kfarc_pro_b60core_i5-7600tcore_i7-7y75core_ultra_5_238varc_130tcore_ultra_7_165ucore_ultra_5_235tcore_i5-1035g1core_i3-8350kcore_i9-10910core_i7-9750hcore_i3-7300core_ultra_7_265hxcore_i5-8600kcore_ultra_5_135ulcore_i9-9880hcore_i5-8257ucore_i5-10310ucore_i5-10500tcore_i7-7567uarc_a580core_i5-7260ucore_i5-10500tecore_i3-10110ucore_i7-8809gcore_i5-8265ucore_i5-7287ucore_i7-9700core_i5-10500ecore_ultra_7_155hcore_i3-7100ecore_ultra_7_265karc_a530mcore_ultra_5_225core_i3-10300core_i7-9850hearc_a370mcore_i5-8400bcore_i5-7400tcore_i3-1005g1core_ultra_9_285tcore_i5-8400hcore_ultra_5_336hcore_i7-8650ucore_i5-10500core_ultra_5_335core_ultra_x9_388hhd_graphics_615core_i3-8130ucore_i5-1030ng7core_i3-10105tcore_i9-10900kuhd_graphics_730arc_a550mcore_ultra_7_255ucore_i7-7700hqcore_i3-10300tarc_a350mcore_i9-9900kfcore_ultra_9_285kcore_i5-7300hqcore_i7-8700kcore_i5-8400tceleron_n5095core_i3-8100tcore_ultra_5_225hcore_ultra_5_115ucore_i5-10300hcore_i7-1068ng7core_i5-1030g4core_i5-7y54core_i7-7700core_ultra_5_125hcore_i5-10400fcore_i3-8145uecore_ultra_5_325core_ultra_5_228vcore_ultra_5_245kcore_i5\+8400core_i7-8500ycore_i7-8709gcore_i7-9850harc_a770core_i3-10105core_i5-10600core_i7-7700tcore_ultra_7_268vcore_i3-10100tecore_i5-10310ycore_ultra_5_235core_i7-10700kcore_i3-7020ucore_i7-7820hkiris_plus_graphics_650core_i7-10710ucore_i9-10900kfcore_i5-8269ucore_i5-7440eqcore_ultra_7_165hcore_i5-8600tcore_ultra_5_135hlarc_140vcore_m3-8100ycore_i5-1035g4core_i5-8260uarc_b570core_i5-8200ycore_i9-9900kscore_i3-7130ucore_ultra_7_165hlcore_i3-10305tcore_i3-10100fcore_ultra_x7_358hcore_i3-7350kcore_i7-8559ucore_ultra_9_386hcore_ultra_5_226vcore_ultra_5_235ucore_i3-8140ucore_i7\+8700core_i7-9850hlcore_i5-8365uecore_i3-10100ycore_i5-8310ycore_i9-9980hkuhd_graphics_605core_ultra_5_125ulcore_ultra_5_125ucore_i7-8565ucore_i7-8665ucore_i5\+8500core_i7-9700ecore_i5-8400core_i9-9900core_i5-8210ycore_i3-10105fIntel(R) Graphics Driver software
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-32452
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-10 Feb, 2026 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-AI Playground
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2025-32092
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 0.24%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-20 Apr, 2026 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure inherited permissions for some Intel(R) Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/aIntel Corporation
Product-arc_b370core_ultra_3_105ulcore_ultra_5_332core_ultra_7_255hxarc_130vcore_ultra_5_235hxarc_a550mcore_ultra_7_255ucore_ultra_7_256vgraphics_driverarc_a730mcore_ultra_9_275hxcore_ultra_5_235hcore_ultra_9_185harc_a350mcore_ultra_9_285arc_a770mcore_ultra_7_265core_ultra_7_155hlcore_ultra_9_285kcore_ultra_9_285harc_a380arc_pro_b60core_ultra_5_225harc_pro_a50core_ultra_5_115ucore_ultra_5_245core_ultra_5_238vcore_ultra_7_165uarc_130tcore_ultra_5_235tgraphics_softwarecore_ultra_7_265harc_a310core_ultra_5_125hcore_ultra_7_165ulcore_ultra_5_245tcore_ultra_7_265hxcore_ultra_5_325core_ultra_5_228vcore_ultra_5_245kcore_ultra_5_135ularc_a770arc_pro_a30mcore_ultra_7_268vcore_ultra_7_265tcore_ultra_5_235core_ultra_7_365arc_pro_a40arc_a580arc_pro_b50arc_b580arc_pro_a60mcore_ultra_7_165hcore_ultra_5_135hlarc_140vcore_ultra_7_265ucore_ultra_5_135hcore_ultra_7_155hlinux_intel_lts_kernelarc_a570mcore_ultra_7_164ucore_ultra_7_265karc_a530mcore_ultra_5_225core_ultra_7_255harc_b570core_ultra_5_236vcore_ultra_5_225ucore_ultra_7_155ularc_a370mcore_ultra_5_125hlcore_ultra_7_258vcore_ultra_5_225tcore_ultra_7_165hlcore_ultra_7_356hcore_ultra_x7_358hcore_ultra_9_386hcore_ultra_9_285tarc_pro_a60core_ultra_5_226vcore_ultra_5_336hcore_ultra_7_155ucore_ultra_5_338hcore_ultra_5_235ucore_ultra_5_335core_ultra_x9_388harc_b390core_ultra_7_366hcore_ultra_7_355core_ultra_9_285hxarc_140tcore_ultra_7_266vcore_ultra_9_288vcore_ultra_5_125ulcore_ultra_5_125ucore_ultra_5_134ucore_ultra_5_135ucore_ultra_5_322core_ultra_5_245hxarc_a750Intel(R) Graphics Software
CWE ID-CWE-277
Insecure Inherited Permissions
CVE-2025-32008
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-8.7||HIGH
EPSS-0.08% / 23.90%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-10 Feb, 2026 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the firmware for the Intel(R) AMT and Intel(R) Standard Manageability within Ring 3: User Applications may allow a denial of service. Network adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via network access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (low) impacts.

Action-Not Available
Vendor-n/a
Product-Intel(R) AMT and Intel(R) Standard Manageability
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-32007
Assigner-Intel Corporation
ShareView Details
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.02% / 4.39%
||
7 Day CHG~0.00%
Published-10 Feb, 2026 | 16:25
Updated-10 Feb, 2026 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

Action-Not Available
Vendor-n/a
Product-TDX
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 83
  • 84
  • Next