Microsoft Windows Server 2016

By the Year

In 2026 there have been 237 vulnerabilities in Microsoft Windows Server 2016, with an average score of 7.2 out of ten. Last year, in 2025, Windows Server 2016 had 601 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that the number of security vulnerabilities in Windows Server 2016 in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.02.




Year Vulnerabilities Average Score
2026 237 7.19
2025 601 7.21
2024 494 7.52
2023 505 7.53
2022 515 7.43
2021 505 7.39
2020 801 7.34
2019 460 7.30
2018 249 7.29

It may take a day or so for new Windows Server 2016 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows Server 2016 Security Vulnerabilities

May 2026: Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40413 7.4 - High - May 12, 2026

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.

NULL Pointer Dereference

May 2026: Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-40403 8.8 - High - May 12, 2026

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

Heap-based Buffer Overflow

May 2026: Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40401 7.1 - High - May 12, 2026

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally.

NULL Pointer Dereference

May 2026: Windows Remote Desktop Services Elevation of Privilege Vulnerability
CVE-2026-40398 7.8 - High - May 12, 2026

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

May 2026: Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability
CVE-2026-32209 4.4 - Medium - May 12, 2026

Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.

Authorization

May 2026: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2026-40397 7.8 - High - May 12, 2026

Integer underflow (wrap or wraparound) in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Integer underflow

May 2026: Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-40382 7.8 - High - May 12, 2026

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability
CVE-2026-34341 7 - High - May 12, 2026

Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.

Double-free

May 2026: Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-34338 7.8 - High - May 12, 2026

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2026-34339 5.5 - Medium - May 12, 2026

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.

NULL Pointer Dereference

May 2026: Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-34334 7.8 - High - May 12, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Race Condition

May 2026: Windows DWM Core Library Information Disclosure Vulnerability
CVE-2026-34336 7.8 - High - May 12, 2026

Buffer over-read in Windows DWM Core Library allows an authorized attacker to disclose information locally.

Buffer Over-read

May 2026: Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability
CVE-2026-33838 7.8 - High - May 12, 2026

Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

Double-free

May 2026: Windows TCP/IP Local Elevation of Privilege Vulnerability
CVE-2026-33837 7.8 - High - May 12, 2026

Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

May 2026: Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-42825 7 - High - May 12, 2026

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Windows Rich Text Edit Elevation of Privilege Vulnerability
CVE-2026-32170 6.7 - Medium - May 12, 2026

Double free in Windows Rich Text Edit Control allows an authorized attacker to elevate privileges locally.

Double-free

May 2026: Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability
CVE-2026-32161 7.5 - High - May 12, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent network.

Race Condition

May 2026: Data Deduplication Elevation of Privilege Vulnerability
CVE-2026-41095 7.8 - High - May 12, 2026

Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Windows Netlogon Remote Code Execution Vulnerability
CVE-2026-41089 9.8 - Critical - May 12, 2026

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

Stack Overflow

May 2026: Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40414 7.4 - High - May 12, 2026

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.

NULL Pointer Dereference

May 2026: Windows SMB Client Elevation of Privilege Vulnerability
CVE-2026-40410 7 - High - May 12, 2026

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2026-40407 7.8 - High - May 12, 2026

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

May 2026: Windows WAN ARP Driver Elevation of Privilege Vulnerability
CVE-2026-40408 7.8 - High - May 12, 2026

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Windows TCP/IP Information Disclosure Vulnerability
CVE-2026-40406 7.5 - High - May 12, 2026

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

Dangling pointer

May 2026: Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-40399 7.8 - High - May 12, 2026

Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Stack Overflow

May 2026: Windows Volume Manager Extension Driver Remote Code Execution Vulnerability
CVE-2026-40380 6.2 - Medium - May 12, 2026

Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.

Heap-based Buffer Overflow

May 2026: Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2026-40377 7.8 - High - May 12, 2026

Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

May 2026: Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
CVE-2026-35424 7.5 - High - May 12, 2026

Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

Memory Leak

May 2026: Windows 11 Telnet Client Information Disclosure Vulnerability
CVE-2026-35423 5.4 - Medium - May 12, 2026

Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.

Out-of-bounds Read

May 2026: Windows TCP/IP Driver Security Feature Bypass Vulnerability
CVE-2026-35422 6.5 - Medium - May 12, 2026

Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feature over a network.

Authentication Bypass Using an Alternate Path or Channel

May 2026: Windows GDI Remote Code Execution Vulnerability
CVE-2026-35421 7.8 - High - May 12, 2026

Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

May 2026: Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-35420 7.8 - High - May 12, 2026

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

May 2026: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-35416 7 - High - May 12, 2026

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Windows Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2026-35415 7.8 - High - May 12, 2026

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

Integer Overflow or Wraparound

May 2026: Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-34351 7.8 - High - May 12, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Race Condition

May 2026: Windows Win32k Elevation of Privilege Vulnerability
CVE-2026-34347 7 - High - May 12, 2026

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-34345 7 - High - May 12, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Race Condition

May 2026: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-34344 7.8 - High - May 12, 2026

Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Object Type Confusion

May 2026: Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability
CVE-2026-34343 7.8 - High - May 12, 2026

Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

May 2026: Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2026-34342 7 - High - May 12, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.

Race Condition

May 2026: Windows Win32k Elevation of Privilege Vulnerability
CVE-2026-34333 7.8 - High - May 12, 2026

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Dangling pointer

May 2026: Win32k Elevation of Privilege Vulnerability
CVE-2026-34331 7 - High - May 12, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Race Condition

May 2026: Win32k Elevation of Privilege Vulnerability
CVE-2026-34330 7.8 - High - May 12, 2026

Integer overflow or wraparound in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Integer Overflow or Wraparound

May 2026: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2026-34329 8.8 - High - May 12, 2026

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.

Heap-based Buffer Overflow

May 2026: Windows Event Logging Service Elevation of Privilege Vulnerability
CVE-2026-33834 7.8 - High - May 12, 2026

Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.

Authorization

May 2026: Windows Rich Text Edit Elevation of Privilege Vulnerability
CVE-2026-21530 6.7 - Medium - May 12, 2026

Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.

Double-free

Apr 2026: Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability
CVE-2026-32214 5.5 - Medium - April 14, 2026

Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.

Authorization

Apr 2026: Windows Snipping Tool Spoofing Vulnerability
CVE-2026-33829 4.3 - Medium - April 14, 2026

Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.

Information Disclosure

Apr 2026: Windows TCP/IP Remote Code Execution Vulnerability
CVE-2026-33827 8.1 - High - April 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

Race Condition

Apr 2026: Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability
CVE-2026-33824 9.8 - Critical - April 14, 2026

Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.

Double-free
