Microsoft Windows 11 24h2
By the Year
In 2025 there have been 196 vulnerabilities in Microsoft Windows 11 24h2, with an average score of 7.2 out of ten. Last year, in 2024, Windows 11 24h2 had 216 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Windows 11 24h2 in 2025 could surpass last year's number. Last year, the average CVE base score was greater by 0.23.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 196 | 7.21 |
2024 | 216 | 7.43 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Windows 11 24h2 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows 11 24h2 Security Vulnerabilities
Use after free in Windows Common Log File System Driver
CVE-2025-30385
7.8 - High
- May 13, 2025
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Dangling pointer
Heap-based buffer overflow in Windows Win32K - GRFX
CVE-2025-30388
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Memory Corruption
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine
CVE-2025-30397
7.5 - High
- May 13, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.
Object Type Confusion
Use after free in Windows DWM
CVE-2025-30400
7.8 - High
- May 13, 2025
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
Dangling pointer
Use after free in Windows Common Log File System Driver
CVE-2025-32701
7.8 - High
- May 13, 2025
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Dangling pointer
Improper input validation in Windows Common Log File System Driver
CVE-2025-32706
7.8 - High
- May 13, 2025
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Improper Input Validation
Use after free in Windows Ancillary Function Driver for WinSock
CVE-2025-32709
7.8 - High
- May 13, 2025
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Dangling pointer
Heap-based buffer overflow in Windows Kernel
CVE-2025-24063
7.8 - High
- May 13, 2025
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
Memory Corruption
Improper privilege management in Windows Secure Kernel Mode
CVE-2025-27468
7 - High
- May 13, 2025
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
Race Condition
Use of uninitialized resource in Windows Trusted Runtime Interface Driver
CVE-2025-29829
5.5 - Medium
- May 13, 2025
Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.
Use of Uninitialized Resource
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)
CVE-2025-29830
6.5 - Medium
- May 13, 2025
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Use of Uninitialized Resource
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)
CVE-2025-29832
6.5 - Medium
- May 13, 2025
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Out-of-bounds Read
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus
CVE-2025-29833
7.7 - High
- May 13, 2025
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally.
TOCTTOU
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)
CVE-2025-29835
6.5 - Medium
- May 13, 2025
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Out-of-bounds Read
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)
CVE-2025-29836
6.5 - Medium
- May 13, 2025
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Out-of-bounds Read
Improper link resolution before file access ('link following') in Windows Installer
CVE-2025-29837
5.5 - Medium
- May 13, 2025
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.
insecure temporary file
Null pointer dereference in Windows Drivers
CVE-2025-29838
7 - High
- May 13, 2025
Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.
NULL Pointer Dereference
Out-of-bounds read in Windows File Server
CVE-2025-29839
4 - Medium
- May 13, 2025
Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.
Out-of-bounds Read
Stack-based buffer overflow in Windows Media
CVE-2025-29840
8.8 - High
- May 13, 2025
Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
Memory Corruption
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service
CVE-2025-29841
7 - High
- May 13, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
Race Condition
Acceptance of extraneous untrusted data with trusted data in UrlMon
CVE-2025-29842
7.5 - High
- May 13, 2025
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.
Insufficient Verification of Data Authenticity
Improper input validation in Windows Hyper-V
CVE-2025-29955
5.5 - Medium
- May 13, 2025
Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.
Improper Input Validation
Buffer over-read in Windows SMB
CVE-2025-29956
5.4 - Medium
- May 13, 2025
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.
Out-of-bounds Read
Uncontrolled resource consumption in Windows Deployment Services
CVE-2025-29957
6.2 - Medium
- May 13, 2025
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.
Allocation of Resources Without Limits or Throttling
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)
CVE-2025-29958
6.5 - Medium
- May 13, 2025
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Use of Uninitialized Resource
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)
CVE-2025-29959
6.5 - Medium
- May 13, 2025
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Use of Uninitialized Resource
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)
CVE-2025-29960
6.5 - Medium
- May 13, 2025
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Out-of-bounds Read
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)
CVE-2025-29961
6.5 - Medium
- May 13, 2025
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Out-of-bounds Read
Heap-based buffer overflow in Windows Media
CVE-2025-29962
8.8 - High
- May 13, 2025
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
Memory Corruption
Heap-based buffer overflow in Windows Media
CVE-2025-29963
8.8 - High
- May 13, 2025
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
Memory Corruption
Heap-based buffer overflow in Windows Media
CVE-2025-29964
8.8 - High
- May 13, 2025
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
Memory Corruption
Heap-based buffer overflow in Windows Remote Desktop
CVE-2025-29966
8.8 - High
- May 13, 2025
Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
Memory Corruption
Heap-based buffer overflow in Remote Desktop Gateway Service
CVE-2025-29967
8.8 - High
- May 13, 2025
Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
Memory Corruption
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals
CVE-2025-29969
7.5 - High
- May 13, 2025
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.
TOCTTOU
Use after free in Microsoft Brokering File System
CVE-2025-29970
7.8 - High
- May 13, 2025
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
Dangling pointer
Out-of-bounds read in Web Threat Defense (WTD.sys)
CVE-2025-29971
7.5 - High
- May 13, 2025
Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.
Out-of-bounds Read
Integer underflow (wrap or wraparound) in Windows Kernel
CVE-2025-29974
5.7 - Medium
- May 13, 2025
Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.
Integer underflow
Improper privilege management in Microsoft Office SharePoint
CVE-2025-29976
7.8 - High
- May 13, 2025
Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.
Improper Privilege Management
Use after free in Windows Common Log File System Driver
CVE-2025-29824
7.8 - High
- April 08, 2025
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
Dangling pointer
External control of file name or path in Windows NTLM
CVE-2025-24054
5.4 - Medium
- March 11, 2025
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
External Control of File Name or Path
Integer overflow or wraparound in Windows Fast FAT Driver
CVE-2025-24985
7.8 - High
- March 11, 2025
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
Integer Overflow or Wraparound
Insertion of sensitive information into log file in Windows NTFS
CVE-2025-24984
4.6 - Medium
- March 11, 2025
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
Insertion of Sensitive Information into Log File
Out-of-bounds read in Windows NTFS
CVE-2025-24991
5.5 - Medium
- March 11, 2025
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
Out-of-bounds Read
Heap-based buffer overflow in Windows NTFS
CVE-2025-24993
7.8 - High
- March 11, 2025
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
Heap-based Buffer Overflow
Improper neutralization in Microsoft Management Console
CVE-2025-26633
7 - High
- March 11, 2025
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.
Improper Neutralization
DHCP Client Service Remote Code Execution Vulnerability
CVE-2025-21379
7.1 - High
- February 11, 2025
DHCP Client Service Remote Code Execution Vulnerability
Dangling pointer
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-21418
7.8 - High
- February 11, 2025
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Storage Elevation of Privilege Vulnerability
CVE-2025-21391
7.1 - High
- February 11, 2025
Windows Storage Elevation of Privilege Vulnerability
insecure temporary file
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
CVE-2025-21420
7.8 - High
- February 11, 2025
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
insecure temporary file
Windows Setup Files Cleanup Elevation of Privilege Vulnerability
CVE-2025-21419
7.1 - High
- February 11, 2025
Windows Setup Files Cleanup Elevation of Privilege Vulnerability
insecure temporary file
Windows Core Messaging Elevation of Privileges Vulnerability
CVE-2025-21414
7 - High
- February 11, 2025
Windows Core Messaging Elevation of Privileges Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21407
8.8 - High
- February 11, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21406
8.8 - High
- February 11, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Dangling pointer
NTLM Hash Disclosure Spoofing Vulnerability
CVE-2025-21377
6.5 - Medium
- February 11, 2025
NTLM Hash Disclosure Spoofing Vulnerability
External Control of File Name or Path
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
CVE-2025-21182
7.4 - High
- February 11, 2025
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
Double-free
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21181
7.5 - High
- February 11, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Resource Exhaustion
DHCP Client Service Denial of Service Vulnerability
CVE-2025-21179
4.8 - Medium
- February 11, 2025
DHCP Client Service Denial of Service Vulnerability
Out-of-bounds Read
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2025-21376
8.1 - High
- February 11, 2025
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Race Condition
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2025-21375
7.8 - High
- February 11, 2025
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Improper Input Validation
Windows Installer Elevation of Privilege Vulnerability
CVE-2025-21373
7.8 - High
- February 11, 2025
Windows Installer Elevation of Privilege Vulnerability
insecure temporary file
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-21369
8.8 - High
- February 11, 2025
Microsoft Digest Authentication Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
CVE-2025-21183
7.4 - High
- February 11, 2025
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
Double-free
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-21368
8.8 - High
- February 11, 2025
Microsoft Digest Authentication Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Kerberos Denial of Service Vulnerability
CVE-2025-21350
5.9 - Medium
- February 11, 2025
Windows Kerberos Denial of Service Vulnerability
Improper Input Validation
Windows Remote Desktop Configuration Service Tampering Vulnerability
CVE-2025-21349
6.8 - Medium
- February 11, 2025
Windows Remote Desktop Configuration Service Tampering Vulnerability
Authentication
Windows Deployment Services Denial of Service Vulnerability
CVE-2025-21347
6 - Medium
- February 11, 2025
Windows Deployment Services Denial of Service Vulnerability
insecure temporary file
Windows NTFS Elevation of Privilege Vulnerability
CVE-2025-21337
3.3 - Low
- February 11, 2025
Windows NTFS Elevation of Privilege Vulnerability
Authorization
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21371
8.8 - High
- February 11, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Internet Connection Sharing (ICS) Denial of Service Vulnerability
CVE-2025-21254
6.5 - Medium
- February 11, 2025
Internet Connection Sharing (ICS) Denial of Service Vulnerability
Out-of-bounds Read
Internet Connection Sharing (ICS) Denial of Service Vulnerability
CVE-2025-21216
6.5 - Medium
- February 11, 2025
Internet Connection Sharing (ICS) Denial of Service Vulnerability
Out-of-bounds Read
Internet Connection Sharing (ICS) Denial of Service Vulnerability
CVE-2025-21212
6.5 - Medium
- February 11, 2025
Internet Connection Sharing (ICS) Denial of Service Vulnerability
Out-of-bounds Read
Windows Telephony Server Remote Code Execution Vulnerability
CVE-2025-21201
8.8 - High
- February 11, 2025
Windows Telephony Server Remote Code Execution Vulnerability
Double-free
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21200
8.8 - High
- February 11, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21190
8.8 - High
- February 11, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Core Messaging Elevation of Privileges Vulnerability
CVE-2025-21184
7 - High
- February 11, 2025
Windows Core Messaging Elevation of Privileges Vulnerability
Heap-based Buffer Overflow
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2025-21325
7.8 - High
- January 17, 2025
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Incorrect Permission Assignment for Critical Resource
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2025-21378
7.8 - High
- January 14, 2025
Windows CSC Service Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Web Threat Defense User Service Information Disclosure Vulnerability
CVE-2025-21343
7.5 - High
- January 14, 2025
Windows Web Threat Defense User Service Information Disclosure Vulnerability
Improper Privilege Management
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVE-2025-21370
8.8 - High
- January 14, 2025
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
Improper Input Validation
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2025-21372
7.8 - High
- January 14, 2025
Microsoft Brokering File System Elevation of Privilege Vulnerability
Dangling pointer
Windows CSC Service Information Disclosure Vulnerability
CVE-2025-21374
5.5 - Medium
- January 14, 2025
Windows CSC Service Information Disclosure Vulnerability
Out-of-bounds Read
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-21382
7.8 - High
- January 14, 2025
Windows Graphics Component Elevation of Privilege Vulnerability
Integer Overflow or Wraparound
Windows upnphost.dll Denial of Service Vulnerability
CVE-2025-21389
7.5 - High
- January 14, 2025
Windows upnphost.dll Denial of Service Vulnerability
Resource Exhaustion
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21411
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21413
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21409
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21417
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Themes Spoofing Vulnerability
CVE-2025-21308
6.5 - Medium
- January 14, 2025
Windows Themes Spoofing Vulnerability
Information Disclosure
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
CVE-2025-21307
9.8 - Critical
- January 14, 2025
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
Dangling pointer
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21306
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21305
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21303
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21302
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Geolocation Service Information Disclosure Vulnerability
CVE-2025-21301
6.5 - Medium
- January 14, 2025
Windows Geolocation Service Information Disclosure Vulnerability
Authorization
Windows upnphost.dll Denial of Service Vulnerability
CVE-2025-21300
7.5 - High
- January 14, 2025
Windows upnphost.dll Denial of Service Vulnerability
Resource Exhaustion
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2025-21299
7.8 - High
- January 14, 2025
Windows Kerberos Security Feature Bypass Vulnerability
Insecure Storage of Sensitive Information
Windows OLE Remote Code Execution Vulnerability
CVE-2025-21298
9.8 - Critical
- January 14, 2025
Windows OLE Remote Code Execution Vulnerability
Dangling pointer
BranchCache Remote Code Execution Vulnerability
CVE-2025-21296
7.5 - High
- January 14, 2025
BranchCache Remote Code Execution Vulnerability
Dangling pointer
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
CVE-2025-21295
8.1 - High
- January 14, 2025
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
Dangling pointer
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21285
7.5 - High
- January 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
NULL Pointer Dereference
