Windows 11 26h1 Microsoft Windows 11 26h1

  1. Vendors
  2. Microsoft
  3. Windows 11 26h1

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Windows 11 26h1.

By the Year

In 2026 there have been 354 vulnerabilities in Microsoft Windows 11 26h1 with an average score of 7.3 out of ten. Last year, in 2025 Windows 11 26h1 had 1 security vulnerability published. That is, 353 more vulnerabilities have already been reported in 2026 as compared to last year. Last year, the average CVE base score was greater by 0.20




Year Vulnerabilities Average Score
2026 354 7.30
2025 1 7.50
2024 4 7.95
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 1 7.00

It may take a day or so for new Windows 11 26h1 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows 11 26h1 Security Vulnerabilities

Jun 2026: Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44813 7.8 - High - June 09, 2026

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44804 7.8 - High - June 09, 2026

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44812 7.8 - High - June 09, 2026

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

Integer Overflow or Wraparound

Jun 2026: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42993 7.5 - High - June 09, 2026

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Heap-based Buffer Overflow

Jun 2026: Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-44803 7.8 - High - June 09, 2026

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

Integer Overflow or Wraparound

Jun 2026: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42985 8.8 - High - June 09, 2026

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Dangling pointer

Jun 2026: Windows DWM Core Library Information Disclosure Vulnerability
CVE-2026-44814 5.5 - Medium - June 09, 2026

Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.

Out-of-bounds Read

Jun 2026: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44801 7.5 - High - June 09, 2026

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Dangling pointer

Jun 2026: Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44802 7.8 - High - June 09, 2026

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: DHCP Client Service Remote Code Execution Vulnerability
CVE-2026-44815 9.8 - Critical - June 09, 2026

Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network.

Stack Overflow

Jun 2026: Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-42983 7.8 - High - June 09, 2026

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-44799 7.5 - High - June 09, 2026

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Heap-based Buffer Overflow

Jun 2026: Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44808 7.8 - High - June 09, 2026

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

Jun 2026: Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44807 7.8 - High - June 09, 2026

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-44811 7.8 - High - June 09, 2026

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

Jun 2026: Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2026-44810 8.4 - High - June 09, 2026

Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.

authentification

Jun 2026: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42992 7.5 - High - June 09, 2026

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Heap-based Buffer Overflow

Jun 2026: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2026-44809 7.8 - High - June 09, 2026

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42991 7.8 - High - June 09, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Race Condition

Jun 2026: Winlogon Elevation of Privilege Vulnerability
CVE-2026-42989 7.8 - High - June 09, 2026

Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.

insecure temporary file

Jun 2026: Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42979 7.8 - High - June 09, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Race Condition

Jun 2026: Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42977 7.8 - High - June 09, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Race Condition

Jun 2026: Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-42978 7.8 - High - June 09, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

Race Condition

Jun 2026: Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2026-42986 7.8 - High - June 09, 2026

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Windows Performance Monitor Remote Code Execution Vulnerability
CVE-2026-42974 8.1 - High - June 09, 2026

Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

Integer Overflow or Wraparound

Jun 2026: Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-42984 7 - High - June 09, 2026

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Windows Performance Monitor Remote Code Execution Vulnerability
CVE-2026-42981 8.1 - High - June 09, 2026

Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

Integer underflow

Jun 2026: Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42973 5.5 - Medium - June 09, 2026

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Information Disclosure

Jun 2026: Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42970 5.5 - Medium - June 09, 2026

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Information Disclosure

Jun 2026: Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42971 5.5 - Medium - June 09, 2026

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Information Disclosure

Jun 2026: Windows Push Notification Information Disclosure Vulnerability
CVE-2026-42969 5.5 - Medium - June 09, 2026

Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.

Use of Uninitialized Resource

Jun 2026: Windows Hyper-V Information Disclosure Vulnerability
CVE-2026-42972 5.5 - Medium - June 09, 2026

Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.

Information Disclosure

Jun 2026: Windows Telephony Server Information Disclosure Vulnerability
CVE-2026-42968 5.5 - Medium - June 09, 2026

Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.

Out-of-bounds Read

Jun 2026: Microsoft Windows VMSwitch Denial of Service Vulnerability
CVE-2026-42915 5.5 - Medium - June 09, 2026

Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally.

Incorrect Calculation of Buffer Size

Jun 2026: Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-42912 7 - High - June 09, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Race Condition

Jun 2026: Windows Kerberos Denial of Service Vulnerability
CVE-2026-42914 5.3 - Medium - June 09, 2026

Windows Kerberos Denial of Service Vulnerability

Out-of-bounds Read

Jun 2026: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-42911 7 - High - June 09, 2026

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42913 7.5 - High - June 09, 2026

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Race Condition

Jun 2026: NT OS Kernel Elevation of Privilege Vulnerability
CVE-2026-42916 7.8 - High - June 09, 2026

Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

Integer Overflow or Wraparound

Jun 2026: NT OS Kernel Elevation of Privilege Vulnerability
CVE-2026-42980 7.8 - High - June 09, 2026

Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

Integer underflow

Jun 2026: Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-42909 7.5 - High - June 09, 2026

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Race Condition

Jun 2026: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2026-42908 7.5 - High - June 09, 2026

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

Out-of-bounds Read

Jun 2026: Windows Shell Information Disclosure Vulnerability
CVE-2026-42907 6.5 - Medium - June 09, 2026

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

Information Disclosure

Jun 2026: Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-42905 7.8 - High - June 09, 2026

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Dangling pointer

Jun 2026: Windows Shell Information Disclosure Vulnerability
CVE-2026-42906 5.5 - Medium - June 09, 2026

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.

Information Disclosure

Jun 2026: Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-42904 9.6 - Critical - June 09, 2026

Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.

Heap-based Buffer Overflow

Jun 2026: Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-42837 7.8 - High - June 09, 2026

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.

Out-of-bounds Read

Jun 2026: Windows Kerberos Denial of Service Vulnerability
CVE-2026-42903 6.5 - Medium - June 09, 2026

Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.

NULL Pointer Dereference

Jun 2026: Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVE-2026-42836 7 - High - June 09, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

Race Condition

Jun 2026: HTTP.sys Denial of Service Vulnerability
CVE-2026-49160 7.5 - High - June 09, 2026

Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network.

Resource Exhaustion

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows 11 26h1 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Windows 11 26h1
Product

subscribe