Windows 11 Microsoft Windows 11

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Windows 11.

By the Year

In 2024 there have been 394 vulnerabilities in Microsoft Windows 11 with an average score of 7.4 out of ten. Last year Windows 11 had 539 security vulnerabilities published. Right now, Windows 11 is on track to have less security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.11

Year Vulnerabilities Average Score
2024 394 7.43
2023 539 7.53
2022 501 7.44
2021 89 7.22
2020 0 0.00
2019 1 8.00
2018 0 0.00

It may take a day or so for new Windows 11 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows 11 Security Vulnerabilities

Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability

CVE-2024-38264 5.9 - Medium - November 12, 2024

Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability

Sensitive Data Storage in Improperly Locked Memory

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

CVE-2024-43449 6.8 - Medium - November 12, 2024

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Registry Elevation of Privilege Vulnerability

CVE-2024-43452 7.5 - High - November 12, 2024

Windows Registry Elevation of Privilege Vulnerability

TOCTTOU

Windows Update Stack Elevation of Privilege Vulnerability

CVE-2024-43530 7.8 - High - November 12, 2024

Windows Update Stack Elevation of Privilege Vulnerability

Authorization

Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability

CVE-2024-43624 8.8 - High - November 12, 2024

Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Windows Telephony Service Elevation of Privilege Vulnerability

CVE-2024-43626 7.8 - High - November 12, 2024

Windows Telephony Service Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2024-43629 7.8 - High - November 12, 2024

Windows DWM Core Library Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2024-43631 7.8 - High - November 12, 2024

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Windows Hyper-V Denial of Service Vulnerability

CVE-2024-43633 6.5 - Medium - November 12, 2024

Windows Hyper-V Denial of Service Vulnerability

Sensitive Data Storage in Improperly Locked Memory

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

CVE-2024-43634 6.8 - Medium - November 12, 2024

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2024-43635 8.8 - High - November 12, 2024

Windows Telephony Service Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Win32k Elevation of Privilege Vulnerability

CVE-2024-43636 7.8 - High - November 12, 2024

Win32k Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

CVE-2024-43637 6.8 - Medium - November 12, 2024

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

CVE-2024-43638 6.8 - Medium - November 12, 2024

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-43640 7.8 - High - November 12, 2024

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Windows Registry Elevation of Privilege Vulnerability

CVE-2024-43641 7.8 - High - November 12, 2024

Windows Registry Elevation of Privilege Vulnerability

Integer Overflow or Wraparound

Windows SMB Denial of Service Vulnerability

CVE-2024-43642 7.5 - High - November 12, 2024

Windows SMB Denial of Service Vulnerability

Dangling pointer

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

CVE-2024-43643 6.8 - Medium - November 12, 2024

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

Windows Client-Side Caching Elevation of Privilege Vulnerability

CVE-2024-43644 7.8 - High - November 12, 2024

Windows Client-Side Caching Elevation of Privilege Vulnerability

Out-of-bounds Read

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2024-43646 7.8 - High - November 12, 2024

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

CVE-2024-49046 7.8 - High - November 12, 2024

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2024-43627 8.8 - High - November 12, 2024

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2024-43628 8.8 - High - November 12, 2024

Windows Telephony Service Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Package Library Manager Information Disclosure Vulnerability

CVE-2024-38203 5.5 - Medium - November 12, 2024

Windows Package Library Manager Information Disclosure Vulnerability

Protection Mechanism Failure

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2024-43620 8.8 - High - November 12, 2024

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2024-43621 8.8 - High - November 12, 2024

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2024-43622 8.8 - High - November 12, 2024

Windows Telephony Service Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows NT OS Kernel Elevation of Privilege Vulnerability

CVE-2024-43623 7.8 - High - November 12, 2024

Windows NT OS Kernel Elevation of Privilege Vulnerability

Microsoft Windows VMSwitch Elevation of Privilege Vulnerability

CVE-2024-43625 8.1 - High - November 12, 2024

Microsoft Windows VMSwitch Elevation of Privilege Vulnerability

Dangling pointer

NTLM Hash Disclosure Spoofing Vulnerability

CVE-2024-43451 6.5 - Medium - November 12, 2024

NTLM Hash Disclosure Spoofing Vulnerability

External Control of File Name or Path

Windows Task Scheduler Elevation of Privilege Vulnerability

CVE-2024-49039 8.8 - High - November 12, 2024

Windows Task Scheduler Elevation of Privilege Vulnerability

authentification

Windows MSHTML Platform Spoofing Vulnerability

CVE-2024-43573 8.1 - High - October 08, 2024

Windows MSHTML Platform Spoofing Vulnerability

XSS

Microsoft Management Console Remote Code Execution Vulnerability

CVE-2024-43572 7.8 - High - October 08, 2024

Microsoft Management Console Remote Code Execution Vulnerability

Improper Neutralization

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

CVE-2024-37983 6.7 - Medium - October 08, 2024

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

Untrusted Pointer Dereference

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

CVE-2024-37982 7.8 - High - October 08, 2024

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

Untrusted Pointer Dereference

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

CVE-2024-37976 6.7 - Medium - October 08, 2024

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

Integer Overflow or Wraparound

Code Integrity Guard Security Feature Bypass Vulnerability

CVE-2024-43585 5.5 - Medium - October 08, 2024

Code Integrity Guard Security Feature Bypass Vulnerability

Protection Mechanism Failure

Windows Scripting Engine Security Feature Bypass Vulnerability

CVE-2024-43584 8.4 - High - October 08, 2024

Windows Scripting Engine Security Feature Bypass Vulnerability

Winlogon Elevation of Privilege Vulnerability

CVE-2024-43583 7.8 - High - October 08, 2024

Winlogon Elevation of Privilege Vulnerability

Execution with Unnecessary Privileges

Remote Desktop Protocol Server Remote Code Execution Vulnerability

CVE-2024-43582 8.1 - High - October 08, 2024

Remote Desktop Protocol Server Remote Code Execution Vulnerability

Dangling pointer

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

CVE-2024-43581 7.1 - High - October 08, 2024

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

External Control of File Name or Path

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-43570 7 - High - October 08, 2024

Windows Kernel Elevation of Privilege Vulnerability

Dangling pointer

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43537 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Out-of-bounds Read

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43536 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE-2024-43535 7 - High - October 08, 2024

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Dangling pointer

Windows Graphics Component Information Disclosure Vulnerability

CVE-2024-43534 6.5 - Medium - October 08, 2024

Windows Graphics Component Information Disclosure Vulnerability

Out-of-bounds Read

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2024-43533 8.8 - High - October 08, 2024

Remote Desktop Client Remote Code Execution Vulnerability

Dangling pointer

Remote Registry Service Elevation of Privilege Vulnerability

CVE-2024-43532 8.8 - High - October 08, 2024

Remote Registry Service Elevation of Privilege Vulnerability

Failing Open

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2024-43529 7.3 - High - October 08, 2024

Windows Print Spooler Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2024-43528 7.8 - High - October 08, 2024

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43559 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

NULL Pointer Dereference

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43558 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43557 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43543 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Open Redirect

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43542 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2024-43599 8.8 - High - October 08, 2024

Remote Desktop Client Remote Code Execution Vulnerability

Dangling pointer

BranchCache Denial of Service Vulnerability

CVE-2024-38149 7.5 - High - October 08, 2024

BranchCache Denial of Service Vulnerability

Resource Exhaustion

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

CVE-2024-43615 7.1 - High - October 08, 2024

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

External Control of File Name or Path

Windows Resilient File System (ReFS) Information Disclosure Vulnerability

CVE-2024-43500 5.5 - Medium - October 08, 2024

Windows Resilient File System (ReFS) Information Disclosure Vulnerability

Buffer Over-read

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2024-43501 7.8 - High - October 08, 2024

Windows Common Log File System Driver Elevation of Privilege Vulnerability

insecure temporary file

BranchCache Denial of Service Vulnerability

CVE-2024-43506 7.5 - High - October 08, 2024

BranchCache Denial of Service Vulnerability

Resource Exhaustion

Windows Graphics Component Information Disclosure Vulnerability

CVE-2024-43508 5.5 - Medium - October 08, 2024

Windows Graphics Component Information Disclosure Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2024-43509 7.8 - High - October 08, 2024

Windows Graphics Component Elevation of Privilege Vulnerability

Dangling pointer

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-43511 7 - High - October 08, 2024

Windows Kernel Elevation of Privilege Vulnerability

TOCTTOU

BitLocker Security Feature Bypass Vulnerability

CVE-2024-43513 6.4 - Medium - October 08, 2024

BitLocker Security Feature Bypass Vulnerability

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

CVE-2024-43514 7.8 - High - October 08, 2024

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Double-free

Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability

CVE-2024-43515 7.5 - High - October 08, 2024

Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability

Resource Exhaustion

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

CVE-2024-43516 7.8 - High - October 08, 2024

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

CVE-2024-43517 8.8 - High - October 08, 2024

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Windows Telephony Server Remote Code Execution Vulnerability

CVE-2024-43518 8.8 - High - October 08, 2024

Windows Telephony Server Remote Code Execution Vulnerability

Heap-based Buffer Overflow

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-43519 8.8 - High - October 08, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Numeric Truncation Error

Windows Kernel Denial of Service Vulnerability

CVE-2024-43520 5 - Medium - October 08, 2024

Windows Kernel Denial of Service Vulnerability

NULL Pointer Dereference

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

CVE-2024-43522 7 - High - October 08, 2024

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

Heap-based Buffer Overflow

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43523 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43524 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Range Error

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43525 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-43526 6.8 - Medium - October 08, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43538 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43540 6.5 - Medium - October 08, 2024

Windows Mobile Broadband Driver Denial of Service Vulnerability

Improper Input Validation

Windows Cryptographic Information Disclosure Vulnerability

CVE-2024-43546 5.6 - Medium - October 08, 2024

Windows Cryptographic Information Disclosure Vulnerability

Side Channel Attack

Windows Kerberos Information Disclosure Vulnerability

CVE-2024-43547 5.9 - Medium - October 08, 2024

Windows Kerberos Information Disclosure Vulnerability

Missing Cryptographic Step

Windows Secure Channel Spoofing Vulnerability

CVE-2024-43550 7.4 - High - October 08, 2024

Windows Secure Channel Spoofing Vulnerability

Improper Certificate Validation

Windows Storage Elevation of Privilege Vulnerability

CVE-2024-43551 7.8 - High - October 08, 2024

Windows Storage Elevation of Privilege Vulnerability

insecure temporary file

Windows Shell Remote Code Execution Vulnerability

CVE-2024-43552 7.3 - High - October 08, 2024

Windows Shell Remote Code Execution Vulnerability

Dangling pointer

NT OS Kernel Elevation of Privilege Vulnerability

CVE-2024-43553 7 - High - October 08, 2024

NT OS Kernel Elevation of Privilege Vulnerability

Untrusted Pointer Dereference

Windows Kernel-Mode Driver Information Disclosure Vulnerability