Microsoft Windows
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Windows.
Recent Microsoft Windows Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-27199 | CVE-2026-27199 Werkzeug safe_join() allows Windows special device names | February 25, 2026 |
| CVE-2026-21245 | CVE-2026-21245 Windows Kernel Elevation of Privilege Vulnerability | February 10, 2026 |
| CVE-2026-21255 | CVE-2026-21255 Windows Hyper-V Security Feature Bypass Vulnerability | February 10, 2026 |
| CVE-2026-20841 | CVE-2026-20841 Windows Notepad App Remote Code Execution Vulnerability | February 10, 2026 |
| CVE-2026-21222 | CVE-2026-21222 Windows Kernel Information Disclosure Vulnerability | February 10, 2026 |
| CVE-2026-21231 | CVE-2026-21231 Windows Kernel Elevation of Privilege Vulnerability | February 10, 2026 |
| CVE-2026-21232 | CVE-2026-21232 Windows HTTP.sys Elevation of Privilege Vulnerability | February 10, 2026 |
| CVE-2026-21237 | CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability | February 10, 2026 |
| CVE-2026-21238 | CVE-2026-21238 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | February 10, 2026 |
| CVE-2026-21239 | CVE-2026-21239 Windows Kernel Elevation of Privilege Vulnerability | February 10, 2026 |
Known Exploited Microsoft Windows Vulnerabilities
The following Microsoft Windows vulnerabilities have recently been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability |
Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. CVE-2008-0015 Exploit Probability: 80.6% |
February 17, 2026 |
| Microsoft Windows Type Confusion Vulnerability |
Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally. CVE-2026-21519 Exploit Probability: 2.0% |
February 10, 2026 |
| Microsoft Internet Explorer Protection Mechanism Failure Vulnerability |
Microsoft Internet Explorer contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 Exploit Probability: 4.1% |
February 10, 2026 |
| Microsoft Windows NULL Pointer Dereference Vulnerability |
Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally. CVE-2026-21525 Exploit Probability: 2.2% |
February 10, 2026 |
| Microsoft Windows Shell Protection Mechanism Failure Vulnerability |
Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network. CVE-2026-21510 Exploit Probability: 2.7% |
February 10, 2026 |
| Microsoft Windows Improper Privilege Management Vulnerability |
Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally. CVE-2026-21533 Exploit Probability: 1.6% |
February 10, 2026 |
| Microsoft Windows Information Disclosure Vulnerability |
Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized attacker to disclose information locally. CVE-2026-20805 Exploit Probability: 4.1% |
January 13, 2026 |
| Microsoft Windows Use After Free Vulnerability |
Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally. CVE-2025-62221 Exploit Probability: 2.7% |
December 9, 2025 |
| Microsoft Windows Race Condition Vulnerability |
Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges to escalate privileges. Successful exploitation of this vulnerability could enable the attacker to gain SYSTEM-level access. CVE-2025-62215 Exploit Probability: 0.5% |
November 12, 2025 |
| Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability |
Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution. CVE-2025-59287 Exploit Probability: 71.4% |
October 24, 2025 |
| Microsoft Windows SMB Client Improper Access Control Vulnerability |
Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalation. An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate. CVE-2025-33073 Exploit Probability: 51.2% |
October 20, 2025 |
| Microsoft Windows Untrusted Pointer Dereference Vulnerability |
Microsoft Windows Agere Modem Driver contains an untrusted pointer dereference vulnerability that allows for privilege escalation. An attacker who successfully exploited this vulnerability could gain administrator privileges. CVE-2025-24990 Exploit Probability: 6.4% |
October 14, 2025 |
| Microsoft Windows Improper Access Control Vulnerability |
Microsoft Windows contains an improper access control vulnerability in Windows Remote Access Connection Manager which could allow an authorized attacker to elevate privileges locally. CVE-2025-59230 Exploit Probability: 8.5% |
October 14, 2025 |
| Microsoft Windows Remote Code Execution Vulnerability |
Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers that allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page. CVE-2011-3402 Exploit Probability: 89.2% |
October 6, 2025 |
| Microsoft Windows Out-of-Bounds Write Vulnerability |
Microsoft Windows contains a n out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX control, icardie.dll. An attacker could exploit the vulnerability by constructing a specially crafted webpage. When a user views the webpage, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Use CVE-2013-3918 Exploit Probability: 87.8% |
October 6, 2025 |
| Microsoft Windows Privilege Escalation Vulnerability |
Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms. CVE-2021-43226 Exploit Probability: 7.5% |
October 6, 2025 |
| Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability |
Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator. CVE-2025-32709 Exploit Probability: 0.8% |
May 13, 2025 |
| Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability |
Microsoft Windows Common Log File System (CLFS) Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally. CVE-2025-32706 Exploit Probability: 1.3% |
May 13, 2025 |
| Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability |
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. CVE-2025-32701 Exploit Probability: 1.5% |
May 13, 2025 |
| Microsoft Windows DWM Core Library Use-After-Free Vulnerability |
Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally. CVE-2025-30400 Exploit Probability: 0.8% |
May 13, 2025 |
Of the known exploited vulnerabilities above, 3 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. 2 known exploited Microsoft Windows vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.
Top 10 Riskiest Microsoft Windows Vulnerabilities
Based on the current exploit probability, these Microsoft Windows vulnerabilities are on CISA's Known Exploited vulnerabilities list (KEV) and are ranked by the current EPSS exploit probability.
| Rank | CVE | EPSS | Vulnerability |
|---|---|---|---|
| 1 | CVE-2021-1675 | 94.3% | Microsoft Windows Print Spooler Remote Code Execution Vulnerability |
| 2 | CVE-2018-8174 | 94.3% | Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability |
| 3 | CVE-2021-34527 | 94.3% | "PrintNightmare" - Microsoft Windows Print Spooler Remote Code Execution Vulnerability |
| 4 | CVE-2014-6332 | 94.1% | Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerabil |
| 5 | CVE-2017-8464 | 93.9% | Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability |
| 6 | CVE-2020-1350 | 93.8% | "SigRed" - Microsoft Windows Domain Name System (DNS) Server Remote Code Execution Vulnerability |
| 7 | CVE-2024-21412 | 93.8% | Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability |
| 8 | CVE-2022-30190 | 93.6% | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability |
| 9 | CVE-2021-36942 | 93.6% | Microsoft Windows Local Security Authority (LSA) Spoofing |
| 10 | CVE-2017-0146 | 93.3% | Microsoft Windows SMB Remote Code Execution Vulnerability |
EOL Dates
Ensure that you are using a supported version of Microsoft Windows. Here are some end of life, and end of support dates for Microsoft Windows.
| Release | EOL | End of Support | Status |
|---|---|---|---|
| 11-26h1-e | March 13, 2029 | March 13, 2029 |
Active
Microsoft Windows 11-26h1-e will become EOL in 3 years (in 2029). |
| 11-26h1-w | March 14, 2028 | March 14, 2028 |
Active
Microsoft Windows 11-26h1-w will become EOL in two years (in 2028). |
| 11-25h2-e | October 10, 2028 | October 10, 2028 |
Active
Microsoft Windows 11-25h2-e will become EOL in two years (in 2028). |
| 11-25h2-w | October 12, 2027 | October 12, 2027 |
Active
Microsoft Windows 11-25h2-w will become EOL next year, in October 2027. |
| 11-24h2-iot-lts | October 10, 2034 | October 9, 2029 |
Active
Microsoft Windows 11-24h2-iot-lts will become EOL in 8 years (in 2034). |
| 11-24h2-e-lts | October 9, 2029 | October 9, 2029 |
Active
Microsoft Windows 11-24h2-e-lts will become EOL in 3 years (in 2029). |
| 11-24h2-e | October 12, 2027 | October 12, 2027 |
Active
Microsoft Windows 11-24h2-e will become EOL next year, in October 2027. |
| 11-24h2-w | October 13, 2026 | October 13, 2026 |
EOL This Year
Microsoft Windows 11-24h2-w will become EOL this year, in October 2026. |
| 11-23h2-e | November 10, 2026 | November 10, 2026 |
EOL This Year
Microsoft Windows 11-23h2-e will become EOL this year, in November 2026. |
| 11-23h2-w | November 11, 2025 | November 11, 2025 |
EOL
Microsoft Windows 11-23h2-w became EOL in 2025 and supported ended in 2025 |
| 10-22h2 | October 14, 2025 | October 14, 2025 |
EOL
Microsoft Windows 10-22h2 became EOL in 2025 and the extended support period ends in 2028. |
| 11-22h2-e | October 14, 2025 | October 14, 2025 |
EOL
Microsoft Windows 11-22h2-e became EOL in 2025 and supported ended in 2025 |
| 11-22h2-w | October 8, 2024 | October 8, 2024 |
EOL
Microsoft Windows 11-22h2-w became EOL in 2024 and supported ended in 2024 |
| 10-21h2-iot-lts | January 13, 2032 | January 12, 2027 |
Active
Microsoft Windows 10-21h2-iot-lts will become EOL in 6 years (in 2032). |
| 10-21h2-e-lts | January 12, 2027 | January 12, 2027 |
Active
Microsoft Windows 10-21h2-e-lts will become EOL next year, in January 2027. |
| 10-21h2-e | June 11, 2024 | June 11, 2024 |
EOL
Microsoft Windows 10-21h2-e became EOL in 2024 and supported ended in 2024 |
| 10-21h2-w | June 13, 2023 | June 13, 2023 |
EOL
Microsoft Windows 10-21h2-w became EOL in 2023 and supported ended in 2023 |
| 11-21h2-e | October 8, 2024 | October 8, 2024 |
EOL
Microsoft Windows 11-21h2-e became EOL in 2024 and supported ended in 2024 |
| 11-21h2-w | October 10, 2023 | October 10, 2023 |
EOL
Microsoft Windows 11-21h2-w became EOL in 2023 and supported ended in 2023 |
| 10-21h1 | December 13, 2022 | December 13, 2022 |
EOL
Microsoft Windows 10-21h1 became EOL in 2022 and supported ended in 2022 |
By the Year
In 2026 there have been 5 vulnerabilities in Microsoft Windows with an average score of 6.8 out of ten. Last year, in 2025 Windows had 111 security vulnerabilities published. Right now, Windows is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 0.26
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 5 | 6.76 |
| 2025 | 111 | 7.02 |
| 2024 | 172 | 7.19 |
| 2023 | 194 | 7.19 |
| 2022 | 82 | 7.42 |
| 2021 | 2 | 8.30 |
| 2020 | 167 | 7.94 |
| 2019 | 188 | 7.88 |
| 2018 | 6 | 7.80 |
It may take a day or so for new Windows vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows Security Vulnerabilities
Feb 2026: Denial of Service in Microsoft OS
CVE-2026-2636
5.5 - Medium
- February 25, 2026
This vulnerability is caused by a CWE159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash. Microsoft silently fixed this vulnerability in the September 2025 cumulative update for Windows 11 2024 LTSC and Windows Server 2025. Windows 25H2 (released in September) was released with the patch. Windows 1123h2 and earlier versions remain vulnerable.
Improper Handling of Invalid Use of Special Elements
Event Log Reader Privilege Esc. to Leak Proxy Credentials
CVE-2026-1495
6.5 - Medium
- February 10, 2026
The vulnerability, if exploited, could allow an attacker with Event Log Reader (S-1-5-32-573) privileges to obtain proxy details, including URL and proxy credentials, from the PI to CONNECT event log files. This could enable unauthorized access to the proxy server.
Insertion of Sensitive Information into Log File
W C vuln: OOB write in Windows Thread remote PrivEsc
CVE-2026-20418
9.8 - Critical
- February 02, 2026
In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465153; Issue ID: MSV-4927.
Memory Corruption
MS Windows PCIe Driver OOB Write PrivEsc
CVE-2026-20417
5.3 - Medium
- February 02, 2026
In pcie, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10314946 / ALPS10340155; Issue ID: MSV-5154.
Memory Corruption
Windows imgsys OOB Write LPE (System)
CVE-2026-20413
6.7 - Medium
- February 02, 2026
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362725; Issue ID: MSV-5694.
Improper Validation of Specified Index, Position, or Offset in Input
Windows LPE via Int Overflow in mem_protect.c
CVE-2025-48637
7.8 - High
- December 08, 2025
In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Integer Overflow or Wraparound
Windows Audio Confused Deputy Leak Priv Escalation
CVE-2025-22420
7.8 - High
- December 08, 2025
In multiple locations, there is a possible way to leak audio files across user profiles due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Confused Deputy
MS Windows Display Driver OOB Write PrivEsc
CVE-2025-20774
6.7 - Medium
- December 02, 2025
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796.
Heap-based Buffer Overflow
Windows Display Driver UAF Enables Local Priv Escalation
CVE-2025-20770
6.7 - Medium
- December 02, 2025
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803.
Dangling pointer
Microsoft Windows Display Driver OOB Write via Integer Overflow
CVE-2025-20767
7.8 - High
- December 02, 2025
In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4807.
Memory Corruption
Microsoft Windows WLAN AP Driver OOB Write Priv Esc
CVE-2025-20732
5.3 - Medium
- November 04, 2025
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441510; Issue ID: MSV-4139.
Stack Overflow
Memory corruption when parsing GP command response in Windows
CVE-2025-27074
8.8 - High
- November 04, 2025
Memory corruption while processing a GP command response.
Incorrect Calculation of Buffer Size
Windows SCM Call Buffer Overflow Causing Memory Corruption
CVE-2025-27059
8.8 - High
- October 09, 2025
Memory corruption while performing SCM call.
Untrusted pointer offset
Windows Kernel: P2M Lock Race and NULL PTR in Page Mapping
CVE-2025-58144
7.5 - High
- September 11, 2025
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL pointer de-reference could result on a release build. This is CVE-2025-58144. And then the P2M lock isn't held until a page reference was actually obtained (or the attempt to do so has failed). Otherwise the page can not only change type, but even ownership in between, thus allowing domain boundaries to be violated. This is CVE-2025-58145.
NULL Pointer Dereference
Sep 2025:
CVE-2025-59033
6.7 - Medium
- September 08, 2025
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a 'FileAttribRef' qualifier (such as file name or version) may not be blocked, whether hypervisor-protected code integrity (HVCI) is enabled or not. NOTE: The vendor disputes this CVE ID assignment and states that the driver blocklist is intended for use with HVCI.
Unprotected Alternate Channel
Sep 2025:
CVE-2022-50238
6.7 - Medium
- September 08, 2025
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is possible to fully synchronize the driver blocklist using WDAC policies. NOTE: The vendor explains that Windows Update provides a smaller, compatibility-focused driver blocklist for general users, while the full XML list is available for advanced users and organizations to customize at the risk of usability issues.
Missing Synchronization
Aug 2025: Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability
CVE-2025-9491
3.3 - Low
- August 26, 2025
Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of .LNK files. Crafted data in an .LNK file can cause hazardous content in the file to be invisible to a user who inspects the file via the Windows-provided user interface. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25373.
User Interface (UI) Misrepresentation of Critical Information
Aug 2025: Windows Storage Port Driver Information Disclosure Vulnerability
CVE-2025-53156
5.5 - Medium
- August 12, 2025
Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an authorized attacker to disclose information locally.
Information Disclosure
Aug 2025: Win32k Elevation of Privilege Vulnerability
CVE-2025-50168
7.8 - High
- August 12, 2025
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Object Type Confusion
Aug 2025: Win32k Elevation of Privilege Vulnerability
CVE-2025-50161
7.3 - High
- August 12, 2025
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Heap-based Buffer Overflow
Aug 2025: Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-49761
7.8 - High
- August 12, 2025
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
Dangling pointer
Windows Kernel DDI Command Memory Corruption
CVE-2025-27069
7.8 - High
- August 06, 2025
Memory corruption while processing DDI command calls.
Untrusted Pointer Dereference
Windows Lock Screen flaw: Availability & Confidentiality
CVE-2025-54606
- August 06, 2025
Status verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Jul 2025: Windows Storage Spoofing Vulnerability
CVE-2025-49760
3.5 - Low
- July 08, 2025
External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.
External Control of File Name or Path
Jul 2025: Win32k Elevation of Privilege Vulnerability
CVE-2025-49733
7.8 - High
- July 08, 2025
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Dangling pointer
Jul 2025: Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability
CVE-2025-49730
7.8 - High
- July 08, 2025
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.
TOCTTOU
Jul 2025: Win32k Elevation of Privilege Vulnerability
CVE-2025-49727
7 - High
- July 08, 2025
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Heap-based Buffer Overflow
Jul 2025: Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVE-2025-49689
7.8 - High
- July 08, 2025
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
Integer Overflow or Wraparound
Jul 2025: Windows TCP/IP Driver Elevation of Privilege Vulnerability
CVE-2025-49686
7.8 - High
- July 08, 2025
Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
NULL Pointer Dereference
Jul 2025: NTFS Elevation of Privilege Vulnerability
CVE-2025-49678
7 - High
- July 08, 2025
Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.
NULL Pointer Dereference
Jul 2025: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-49663
8.8 - High
- July 08, 2025
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
Heap-based Buffer Overflow
Jul 2025: Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnera
CVE-2025-49658
5.5 - Medium
- July 08, 2025
Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.
Out-of-bounds Read
Jul 2025: Windows BitLocker Security Feature Bypass Vulnerability
CVE-2025-48818
6.8 - Medium
- July 08, 2025
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
TOCTTOU
Jul 2025: Windows BitLocker Security Feature Bypass Vulnerability
CVE-2025-48800
6.8 - Medium
- July 08, 2025
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Protection Mechanism Failure
Jul 2025: Windows MBT Transport Driver Elevation of Privilege Vulnerability
CVE-2025-47996
7.8 - High
- July 08, 2025
Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.
Integer underflow
Jul 2025: Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2025-47985
7.8 - High
- July 08, 2025
Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
Untrusted Pointer Dereference
Jul 2025: Windows Storage VSP Driver Elevation of Privilege Vulnerability
CVE-2025-47982
7.8 - High
- July 08, 2025
Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
Improper Input Validation
Jul 2025: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerabilit
CVE-2025-47981
9.8 - Critical
- July 08, 2025
Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
Heap-based Buffer Overflow
Jul 2025: Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability
CVE-2025-47159
7.8 - High
- July 08, 2025
Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
Protection Mechanism Failure
Jul 2025: Windows Kernel Information Disclosure Vulnerability
CVE-2025-26636
5.5 - Medium
- July 08, 2025
Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
Processor Optimization Removal or Modification of Security-critical Code
OOB write in WLAN AP driver enabling local privilege escalation (Windows)
CVE-2025-20684
- July 08, 2025
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416939; Issue ID: MSV-3422.
Memory Corruption
Microsoft Windows: Vector Image Parse Stack Overflow in File Preview
CVE-2025-53173
4.3 - Medium
- July 07, 2025
Stack overflow risk when vector images are parsed during file preview Impact: Successful exploitation of this vulnerability may affect the file preview function.
Jun 2025: Windows Storage Management Provider Information Disclosure Vulnerability
CVE-2025-32719
5.5 - Medium
- June 10, 2025
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
Out-of-bounds Read
Jun 2025: Windows Storage Management Provider Information Disclosure Vulnerability
CVE-2025-33058
5.5 - Medium
- June 10, 2025
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
Out-of-bounds Read
Jun 2025: Windows Local Security Authority (LSA) Denial of Service Vulnerability
CVE-2025-33057
6.5 - Medium
- June 10, 2025
Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.
NULL Pointer Dereference
Jun 2025: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2025-32713
7.8 - High
- June 10, 2025
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Heap-based Buffer Overflow
Jun 2025: Win32k Elevation of Privilege Vulnerability
CVE-2025-32712
7.8 - High
- June 10, 2025
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Dangling pointer
Windows DNS Client Buffer Overflow via LLMNR/mDNS (CVE-2025-5688)
CVE-2025-5688
- June 04, 2025
We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
Memory Corruption
Windows CreateProcess Memory Corruption with Partial Shell Binary
CVE-2025-21486
7.8 - High
- June 03, 2025
Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.
Untrusted Pointer Dereference
May 2025: Windows Graphics Component Remote Code Execution Vulnerability
CVE-2025-30388
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows or by Microsoft? Click the Watch button to subscribe.
