Microsoft Windows 11 23h2
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Windows 11 23h2.
By the Year
In 2025 there have been 12 vulnerabilities in Microsoft Windows 11 23h2 with an average score of 8.0 out of ten. Last year, in 2024 Windows 11 23h2 had 536 security vulnerabilities published. Right now, Windows 11 23h2 is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.65.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 12 | 8.00 |
2024 | 536 | 7.35 |
2023 | 49 | 7.72 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Windows 11 23h2 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows 11 23h2 Security Vulnerabilities
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVE-2025-21370
8.8 - High
- January 14, 2025
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Improper Input Validation
Windows CSC Service Information Disclosure Vulnerability
CVE-2025-21374
5.5 - Medium
- January 14, 2025
Windows CSC Service Information Disclosure Vulnerability
Out-of-bounds Read
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2025-21378
7.8 - High
- January 14, 2025
Windows CSC Service Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-21382
7.8 - High
- January 14, 2025
Windows Graphics Component Elevation of Privilege Vulnerability
Integer Overflow or Wraparound
Windows upnphost.dll Denial of Service Vulnerability
CVE-2025-21389
7.5 - High
- January 14, 2025
Windows upnphost.dll Denial of Service Vulnerability
Resource Exhaustion
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21409
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21411
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21413
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21417
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21333
7.8 - High
- January 14, 2025
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21334
7.8 - High
- January 14, 2025
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Dangling pointer
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21335
7.8 - High
- January 14, 2025
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Dangling pointer
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49110
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49111
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-49117
8.8 - High
- December 12, 2024
Windows Hyper-V Remote Code Execution Vulnerability
Return of Wrong Status Code
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2024-49121
7.5 - High
- December 12, 2024
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
NULL Pointer Dereference
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-49122
8.1 - High
- December 12, 2024
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Race Condition
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49123
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability
CVE-2024-49126
8.1 - High
- December 12, 2024
Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability
Race Condition
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2024-49127
8.1 - High
- December 12, 2024
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Race Condition
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49132
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
Windows Task Scheduler Elevation of Privilege Vulnerability
CVE-2024-49072
7.8 - High
- December 12, 2024
Windows Task Scheduler Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49073
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Improper Input Validation
Windows Remote Desktop Services Denial of Service Vulnerability
CVE-2024-49075
7.5 - High
- December 12, 2024
Windows Remote Desktop Services Denial of Service Vulnerability
Resource Exhaustion
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVE-2024-49076
7.8 - High
- December 12, 2024
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
authentification
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49077
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49078
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Input Method Editor (IME) Remote Code Execution Vulnerability
CVE-2024-49079
7.8 - High
- December 12, 2024
Input Method Editor (IME) Remote Code Execution Vulnerability
Dangling pointer
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-49080
8.8 - High
- December 12, 2024
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49081
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows File Explorer Information Disclosure Vulnerability
CVE-2024-49082
6.8 - Medium
- December 12, 2024
Windows File Explorer Information Disclosure Vulnerability
Directory traversal
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49083
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-49084
7 - High
- December 12, 2024
Windows Kernel Elevation of Privilege Vulnerability
Race Condition
Windows Mobile Broadband Driver Information Disclosure Vulnerability
CVE-2024-49087
4.6 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Information Disclosure Vulnerability
Improper Input Validation
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49088
7.8 - High
- December 12, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Buffer Over-read
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49089
7.2 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49090
7.8 - High
- December 12, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49092
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49094
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2024-49095
7 - High
- December 12, 2024
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Race Condition
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2024-49096
7.5 - High
- December 12, 2024
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Resource Exhaustion
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2024-49097
7 - High
- December 12, 2024
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Race Condition
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49098
4.3 - Medium
- December 12, 2024
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Out-of-bounds Read
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49099
4.3 - Medium
- December 12, 2024
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Out-of-bounds Read
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49101
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49102
8.8 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49103
4.3 - Medium
- December 12, 2024
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Out-of-bounds Read
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49104
8.8 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-49105
8.4 - High
- December 12, 2024
Remote Desktop Client Remote Code Execution Vulnerability
Authorization
WmsRepair Service Elevation of Privilege Vulnerability
CVE-2024-49107
7.3 - High
- December 12, 2024
WmsRepair Service Elevation of Privilege Vulnerability
insecure temporary file
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49109
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49138
7.8 - High
- December 12, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Task Scheduler Elevation of Privilege Vulnerability
CVE-2024-49039
8.8 - High
- November 12, 2024
Windows Task Scheduler Elevation of Privilege Vulnerability
authentification
NTLM Hash Disclosure Spoofing Vulnerability
CVE-2024-43451
6.5 - Medium
- November 12, 2024
NTLM Hash Disclosure Spoofing Vulnerability
External Control of File Name or Path
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
CVE-2024-43625
8.1 - High
- November 12, 2024
Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
Dangling pointer
Windows NT OS Kernel Elevation of Privilege Vulnerability
CVE-2024-43623
7.8 - High
- November 12, 2024
Windows NT OS Kernel Elevation of Privilege Vulnerability
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43622
8.8 - High
- November 12, 2024
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43621
8.8 - High
- November 12, 2024
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43620
8.8 - High
- November 12, 2024
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Package Library Manager Information Disclosure Vulnerability
CVE-2024-38203
5.5 - Medium
- November 12, 2024
Windows Package Library Manager Information Disclosure Vulnerability
Protection Mechanism Failure
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43628
8.8 - High
- November 12, 2024
Windows Telephony Service Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43627
8.8 - High
- November 12, 2024
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-49046
7.8 - High
- November 12, 2024
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43646
7.8 - High
- November 12, 2024
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows Client-Side Caching Elevation of Privilege Vulnerability
CVE-2024-43644
7.8 - High
- November 12, 2024
Windows Client-Side Caching Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43643
6.8 - Medium
- November 12, 2024
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Windows SMB Denial of Service Vulnerability
CVE-2024-43642
7.5 - High
- November 12, 2024
Windows SMB Denial of Service Vulnerability
Dangling pointer
Windows Registry Elevation of Privilege Vulnerability
CVE-2024-43641
7.8 - High
- November 12, 2024
Windows Registry Elevation of Privilege Vulnerability
Integer Overflow or Wraparound
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-43640
7.8 - High
- November 12, 2024
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43638
6.8 - Medium
- November 12, 2024
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43637
6.8 - Medium
- November 12, 2024
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Win32k Elevation of Privilege Vulnerability
CVE-2024-43636
7.8 - High
- November 12, 2024
Win32k Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43635
8.8 - High
- November 12, 2024
Windows Telephony Service Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43634
6.8 - Medium
- November 12, 2024
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43633
6.5 - Medium
- November 12, 2024
Windows Hyper-V Denial of Service Vulnerability
Sensitive Data Storage in Improperly Locked Memory
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43631
7.8 - High
- November 12, 2024
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-43629
7.8 - High
- November 12, 2024
Windows DWM Core Library Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2024-43626
7.8 - High
- November 12, 2024
Windows Telephony Service Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
CVE-2024-43624
8.8 - High
- November 12, 2024
Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-43530
7.8 - High
- November 12, 2024
Windows Update Stack Elevation of Privilege Vulnerability
Authorization
Windows Registry Elevation of Privilege Vulnerability
CVE-2024-43452
7.5 - High
- November 12, 2024
Windows Registry Elevation of Privilege Vulnerability
TOCTTOU
Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability
CVE-2024-38264
5.9 - Medium
- November 12, 2024
Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability
Sensitive Data Storage in Improperly Locked Memory