Windows Push Notification Service
by Microsoft
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-26172 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-59209 | 0.00 | — | 0.00 | Oct 14, 2025 | Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. | |||
| CVE-2025-53726 | 0.00 | — | 0.01 | Aug 12, 2025 | Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-53725 | 0.00 | — | 0.01 | Aug 12, 2025 | Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. | |||
| CVE-2022-29125 | 0.00 | — | 0.00 | May 10, 2022 | Windows Push Notifications Apps Elevation of Privilege Vulnerability | |||
| CVE-2022-21867 | 0.00 | — | 0.01 | Jan 11, 2022 | Windows Push Notifications Apps Elevation of Privilege Vulnerability | |||
| CVE-2020-1387 | 0.00 | — | 0.00 | Jul 14, 2020 | An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. | |||
| CVE-2020-1137 | 0.00 | — | 0.00 | May 21, 2020 | An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. | |||
| CVE-2020-1017 | 0.00 | — | 0.00 | Apr 15, 2020 | An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1001, CVE-2020-1006. | |||
| CVE-2020-1016 | 0.00 | — | 0.01 | Apr 15, 2020 | An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'. | |||
| CVE-2020-1006 | 0.00 | — | 0.00 | Apr 15, 2020 | An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1001, CVE-2020-1017. | |||
| CVE-2020-1001 | 0.00 | — | 0.00 | Apr 15, 2020 | An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017. | |||
| CVE-2020-0940 | 0.00 | — | 0.00 | Apr 15, 2020 | An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1001, CVE-2020-1006, CVE-2020-1017. |
- risk 0.51cvss 7.8epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
- CVE-2025-59209Oct 14, 2025risk 0.00cvss —epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally.
- CVE-2025-53726Aug 12, 2025risk 0.00cvss —epss 0.01
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
- CVE-2025-53725Aug 12, 2025risk 0.00cvss —epss 0.01
Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
- CVE-2022-29125May 10, 2022risk 0.00cvss —epss 0.00
Windows Push Notifications Apps Elevation of Privilege Vulnerability
- CVE-2022-21867Jan 11, 2022risk 0.00cvss —epss 0.01
Windows Push Notifications Apps Elevation of Privilege Vulnerability
- CVE-2020-1387Jul 14, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'.
- CVE-2020-1137May 21, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'.
- CVE-2020-1017Apr 15, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1001, CVE-2020-1006.
- CVE-2020-1016Apr 15, 2020risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'.
- CVE-2020-1006Apr 15, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1001, CVE-2020-1017.
- CVE-2020-1001Apr 15, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017.
- CVE-2020-0940Apr 15, 2020risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1001, CVE-2020-1006, CVE-2020-1017.