Windows 11 23h2 Microsoft Windows 11 23h2

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Windows 11 23h2.

By the Year

In 2025 there have been 153 vulnerabilities in Microsoft Windows 11 23h2 with an average score of 7.2 out of ten. Last year, in 2024 Windows 11 23h2 had 536 security vulnerabilities published. Right now, Windows 11 23h2 is on track to have less security vulnerabilities in 2025 than it did last year. Last year, the average CVE base score was greater by 0.16




Year Vulnerabilities Average Score
2025 153 7.19
2024 536 7.35
2023 49 7.72
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Windows 11 23h2 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows 11 23h2 Security Vulnerabilities

Use after free in Windows Common Log File System Driver

CVE-2025-29824 7.8 - High - April 08, 2025

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Dangling pointer

External control of file name or path in Windows NTLM

CVE-2025-24054 5.4 - Medium - March 11, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

External Control of File Name or Path

Integer overflow or wraparound in Windows Fast FAT Driver

CVE-2025-24985 7.8 - High - March 11, 2025

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

Integer Overflow or Wraparound

Insertion of sensitive information into log file in Windows NTFS

CVE-2025-24984 4.6 - Medium - March 11, 2025

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

Insertion of Sensitive Information into Log File

Out-of-bounds read in Windows NTFS

CVE-2025-24991 5.5 - Medium - March 11, 2025

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

Out-of-bounds Read

Heap-based buffer overflow in Windows NTFS

CVE-2025-24993 7.8 - High - March 11, 2025

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Improper neutralization in Microsoft Management Console

CVE-2025-26633 7 - High - March 11, 2025

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

Improper Neutralization

Windows Core Messaging Elevation of Privileges Vulnerability

CVE-2025-21184 7 - High - February 11, 2025

Windows Core Messaging Elevation of Privileges Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21190 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21200 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Server Remote Code Execution Vulnerability

CVE-2025-21201 8.8 - High - February 11, 2025

Windows Telephony Server Remote Code Execution Vulnerability

Double-free

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21212 6.5 - Medium - February 11, 2025

Internet Connection Sharing (ICS) Denial of Service Vulnerability

Out-of-bounds Read

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21216 6.5 - Medium - February 11, 2025

Internet Connection Sharing (ICS) Denial of Service Vulnerability

Out-of-bounds Read

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2025-21254 6.5 - Medium - February 11, 2025

Internet Connection Sharing (ICS) Denial of Service Vulnerability

Out-of-bounds Read

Windows NTFS Elevation of Privilege Vulnerability

CVE-2025-21337 3.3 - Low - February 11, 2025

Windows NTFS Elevation of Privilege Vulnerability

Authorization

Windows Deployment Services Denial of Service Vulnerability

CVE-2025-21347 6 - Medium - February 11, 2025

Windows Deployment Services Denial of Service Vulnerability

insecure temporary file

Windows Remote Desktop Configuration Service Tampering Vulnerability

CVE-2025-21349 6.8 - Medium - February 11, 2025

Windows Remote Desktop Configuration Service Tampering Vulnerability

authentification

Windows Kerberos Denial of Service Vulnerability

CVE-2025-21350 5.9 - Medium - February 11, 2025

Windows Kerberos Denial of Service Vulnerability

Improper Input Validation

Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21368 8.8 - High - February 11, 2025

Microsoft Digest Authentication Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21369 8.8 - High - February 11, 2025

Microsoft Digest Authentication Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21371 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Installer Elevation of Privilege Vulnerability

CVE-2025-21373 7.8 - High - February 11, 2025

Windows Installer Elevation of Privilege Vulnerability

insecure temporary file

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2025-21375 7.8 - High - February 11, 2025

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Improper Input Validation

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2025-21376 8.1 - High - February 11, 2025

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Race Condition

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21181 7.5 - High - February 11, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Resource Exhaustion

NTLM Hash Disclosure Spoofing Vulnerability

CVE-2025-21377 6.5 - Medium - February 11, 2025

NTLM Hash Disclosure Spoofing Vulnerability

External Control of File Name or Path

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21406 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Dangling pointer

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21407 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Core Messaging Elevation of Privileges Vulnerability

CVE-2025-21414 7 - High - February 11, 2025

Windows Core Messaging Elevation of Privileges Vulnerability

Heap-based Buffer Overflow

Windows Setup Files Cleanup Elevation of Privilege Vulnerability

CVE-2025-21419 7.1 - High - February 11, 2025

Windows Setup Files Cleanup Elevation of Privilege Vulnerability

insecure temporary file

Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

CVE-2025-21420 7.8 - High - February 11, 2025

Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

insecure temporary file

Windows Storage Elevation of Privilege Vulnerability

CVE-2025-21391 7.1 - High - February 11, 2025

Windows Storage Elevation of Privilege Vulnerability

insecure temporary file

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2025-21418 7.8 - High - February 11, 2025

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2025-21325 7.8 - High - January 17, 2025

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Incorrect Permission Assignment for Critical Resource

Windows CSC Service Elevation of Privilege Vulnerability

CVE-2025-21378 7.8 - High - January 14, 2025

Windows CSC Service Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21417 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21413 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21411 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21409 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows upnphost.dll Denial of Service Vulnerability

CVE-2025-21389 7.5 - High - January 14, 2025

Windows upnphost.dll Denial of Service Vulnerability

Resource Exhaustion

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2025-21382 7.8 - High - January 14, 2025

Windows Graphics Component Elevation of Privilege Vulnerability

Integer Overflow or Wraparound

Windows CSC Service Information Disclosure Vulnerability

CVE-2025-21374 5.5 - Medium - January 14, 2025

Windows CSC Service Information Disclosure Vulnerability

Out-of-bounds Read

Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

CVE-2025-21370 8.8 - High - January 14, 2025

Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

Improper Input Validation

Windows Web Threat Defense User Service Information Disclosure Vulnerability

CVE-2025-21343 7.5 - High - January 14, 2025

Windows Web Threat Defense User Service Information Disclosure Vulnerability

Improper Privilege Management

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2025-21220 7.5 - High - January 14, 2025

Microsoft Message Queuing Information Disclosure Vulnerability

Use of Uninitialized Resource

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21219 4.3 - Medium - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

CVE-2025-21335 7.8 - High - January 14, 2025

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

Dangling pointer

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

CVE-2025-21334 7.8 - High - January 14, 2025

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

Dangling pointer

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

CVE-2025-21333 7.8 - High - January 14, 2025

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21189 4.3 - Medium - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

CVE-2025-21202 6.1 - Medium - January 14, 2025

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

Authorization

Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability

CVE-2025-21207 7.5 - High - January 14, 2025

Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability

Resource Exhaustion

Windows BitLocker Information Disclosure Vulnerability

CVE-2025-21210 4.2 - Medium - January 14, 2025

Windows BitLocker Information Disclosure Vulnerability

Failing Open

Secure Boot Security Feature Bypass Vulnerability

CVE-2025-21211 6.8 - Medium - January 14, 2025

Secure Boot Security Feature Bypass Vulnerability

Protection Mechanism Failure

Secure Boot Security Feature Bypass Vulnerability

CVE-2025-21213 4.6 - Medium - January 14, 2025

Secure Boot Security Feature Bypass Vulnerability

Authorization

Windows BitLocker Information Disclosure Vulnerability

CVE-2025-21214 4.2 - Medium - January 14, 2025

Windows BitLocker Information Disclosure Vulnerability

Information Disclosure

Secure Boot Security Feature Bypass Vulnerability

CVE-2025-21215 4.6 - Medium - January 14, 2025

Secure Boot Security Feature Bypass Vulnerability

Out-of-bounds Read

Windows NTLM Spoofing Vulnerability

CVE-2025-21217 6.5 - Medium - January 14, 2025

Windows NTLM Spoofing Vulnerability

Protection Mechanism Failure

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21341 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

CVE-2025-21340 5.5 - Medium - January 14, 2025

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Authorization

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21339 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

GDI+ Remote Code Execution Vulnerability

CVE-2025-21338 7.8 - High - January 14, 2025

GDI+ Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Cryptographic Information Disclosure Vulnerability

CVE-2025-21336 5.6 - Medium - January 14, 2025

Windows Cryptographic Information Disclosure Vulnerability

Side Channel Attack

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21332 8.8 - High - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows Installer Elevation of Privilege Vulnerability

CVE-2025-21331 7.3 - High - January 14, 2025

Windows Installer Elevation of Privilege Vulnerability

insecure temporary file

Windows Remote Desktop Services Denial of Service Vulnerability

CVE-2025-21330 7.5 - High - January 14, 2025

Windows Remote Desktop Services Denial of Service Vulnerability

Resource Exhaustion

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21328 4.3 - Medium - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21327 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21324 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21323 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21321 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21320 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21319 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21318 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21317 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

Windows Kernel Memory Information Disclosure Vulnerability

CVE-2025-21316 5.5 - Medium - January 14, 2025

Windows Kernel Memory Information Disclosure Vulnerability

Insertion of Sensitive Information into Log File

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21329 4.3 - Medium - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Windows Smart Card Reader Information Disclosure Vulnerability

CVE-2025-21312 2.4 - Low - January 14, 2025

Windows Smart Card Reader Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Digital Media Elevation of Privilege Vulnerability

CVE-2025-21310 6.6 - Medium - January 14, 2025

Windows Digital Media Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Themes Spoofing Vulnerability

CVE-2025-21308 6.5 - Medium - January 14, 2025

Windows Themes Spoofing Vulnerability

Information Disclosure

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

CVE-2025-21307 9.8 - Critical - January 14, 2025

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

Dangling pointer

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21306 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21305 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21303 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21302 8.8 - High - January 14, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Geolocation Service Information Disclosure Vulnerability

CVE-2025-21301 6.5 - Medium - January 14, 2025

Windows Geolocation Service Information Disclosure Vulnerability

Authorization

Windows upnphost.dll Denial of Service Vulnerability

CVE-2025-21300 7.5 - High - January 14, 2025

Windows upnphost.dll Denial of Service Vulnerability

Resource Exhaustion

Windows Kerberos Security Feature Bypass Vulnerability

CVE-2025-21299 7.8 - High - January 14, 2025

Windows Kerberos Security Feature Bypass Vulnerability

Insecure Storage of Sensitive Information

Windows OLE Remote Code Execution Vulnerability

CVE-2025-21298 9.8 - Critical - January 14, 2025

Windows OLE Remote Code Execution Vulnerability

Dangling pointer

BranchCache Remote Code Execution Vulnerability

CVE-2025-21296 7.5 - High - January 14, 2025

BranchCache Remote Code Execution Vulnerability

Dangling pointer

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

CVE-2025-21295 8.1 - High - January 14, 2025

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

Dangling pointer

Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21294 8.1 - High - January 14, 2025

Microsoft Digest Authentication Remote Code Execution Vulnerability

Sensitive Data Storage in Improperly Locked Memory

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2025-21293 8.8 - High - January 14, 2025

Active Directory Domain Services Elevation of Privilege Vulnerability

Authorization

Windows Search Service Elevation of Privilege Vulnerability

CVE-2025-21292 8.8 - High - January 14, 2025

Windows Search Service Elevation of Privilege Vulnerability

Code Injection

Windows Direct Show Remote Code Execution Vulnerability

CVE-2025-21291 8.8 - High - January 14, 2025

Windows Direct Show Remote Code Execution Vulnerability

Double-free

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21290 7.5 - High - January 14, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Resource Exhaustion

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21289 7.5 - High - January 14, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Resource Exhaustion

Windows COM Server Information Disclosure Vulnerability

CVE-2025-21288 6.5 - Medium - January 14, 2025

Windows COM Server Information Disclosure Vulnerability

Use of Uninitialized Resource

Windows Installer Elevation of Privilege Vulnerability

CVE-2025-21287 7.8 - High - January 14, 2025

Windows Installer Elevation of Privilege Vulnerability

Improper Privilege Management

MapUrlToZone Security Feature Bypass Vulnerability

CVE-2025-21268 4.3 - Medium - January 14, 2025

MapUrlToZone Security Feature Bypass Vulnerability

Improper Resolution of Path Equivalence

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows Server 2025 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe