Windows Server 2022 Microsoft Windows Server 2022

  1. Vendors
  2. Microsoft
  3. Windows Server 2022

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Windows Server 2022.

By the Year

In 2025 there have been 674 vulnerabilities in Microsoft Windows Server 2022 with an average score of 7.2 out of ten. Last year, in 2024 Windows Server 2022 had 580 security vulnerabilities published. That is, 94 more vulnerabilities have already been reported in 2025 as compared to last year. Last year, the average CVE base score was greater by 0.28




Year Vulnerabilities Average Score
2025 674 7.22
2024 580 7.50
2023 572 7.49
2022 429 7.46
2021 102 7.07

It may take a day or so for new Windows Server 2022 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows Server 2022 Security Vulnerabilities

Nov 2025: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-62213 7 - High - November 11, 2025

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Dangling pointer

Nov 2025: Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-62215 7 - High - November 11, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.

Race Condition

Nov 2025: Windows License Manager Information Disclosure Vulnerability
CVE-2025-62209 5.5 - Medium - November 11, 2025

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.

Insertion of Sensitive Information into Log File

Nov 2025: Windows License Manager Information Disclosure Vulnerability
CVE-2025-62208 5.5 - Medium - November 11, 2025

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.

Insertion of Sensitive Information into Log File

Nov 2025: GDI+ Remote Code Execution Vulnerability
CVE-2025-60724 9.8 - Critical - November 11, 2025

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.

Heap-based Buffer Overflow

Nov 2025: DirectX Graphics Kernel Denial of Service Vulnerability
CVE-2025-60723 6.3 - Medium - November 11, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny service over a network.

Race Condition

Nov 2025: Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnera
CVE-2025-60720 7.8 - High - November 11, 2025

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

Buffer Over-read

Nov 2025: DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2025-60716 7 - High - November 11, 2025

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

Dangling pointer

Nov 2025: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-60715 8 - High - November 11, 2025

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Heap-based Buffer Overflow

Nov 2025: Windows OLE Remote Code Execution Vulnerability
CVE-2025-60714 7.8 - High - November 11, 2025

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Nov 2025: Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
CVE-2025-60713 7.8 - High - November 11, 2025

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

Untrusted Pointer Dereference

Nov 2025: Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
CVE-2025-59514 7.8 - High - November 11, 2025

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Improper Privilege Management

Nov 2025: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-62452 8 - High - November 11, 2025

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Heap-based Buffer Overflow

Nov 2025: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-62217 7 - High - November 11, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Race Condition

Nov 2025: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-60719 7 - High - November 11, 2025

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Untrusted Pointer Dereference

Nov 2025: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2025-60709 7.8 - High - November 11, 2025

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Out-of-bounds Read

Nov 2025: Storvsp.sys Driver Denial of Service Vulnerability
CVE-2025-60708 6.5 - Medium - November 11, 2025

Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.

Untrusted Pointer Dereference

Nov 2025: Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability
CVE-2025-60707 7.8 - High - November 11, 2025

Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.

Dangling pointer

Nov 2025: Windows Hyper-V Information Disclosure Vulnerability
CVE-2025-60706 5.5 - Medium - November 11, 2025

Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally.

Out-of-bounds Read

Nov 2025: Windows Client-Side Caching Elevation of Privilege Vulnerability
CVE-2025-60705 7.8 - High - November 11, 2025

Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

Authorization

Nov 2025: Windows Kerberos Elevation of Privilege Vulnerability
CVE-2025-60704 7.5 - High - November 11, 2025

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

Missing Cryptographic Step

Nov 2025: Windows Remote Desktop Services Elevation of Privilege Vulnerability
CVE-2025-60703 7.8 - High - November 11, 2025

Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Untrusted Pointer Dereference

Nov 2025: Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability
CVE-2025-59513 5.5 - Medium - November 11, 2025

Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.

Out-of-bounds Read

Nov 2025: Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability
CVE-2025-59512 7.8 - High - November 11, 2025

Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally.

Authorization

Nov 2025: Windows WLAN Service Elevation of Privilege Vulnerability
CVE-2025-59511 7.8 - High - November 11, 2025

External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.

External Control of File Name or Path

Nov 2025: Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability
CVE-2025-59510 5.5 - Medium - November 11, 2025

Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally.

insecure temporary file

Nov 2025: Windows Speech Recognition Information Disclosure Vulnerability
CVE-2025-59509 5.5 - Medium - November 11, 2025

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.

Insertion of Sensitive Information Into Sent Data

Nov 2025: Windows Speech Recognition Elevation of Privilege Vulnerability
CVE-2025-59508 7 - High - November 11, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.

Race Condition

Nov 2025: Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2025-59507 7 - High - November 11, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.

Race Condition

Nov 2025: DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2025-59506 7 - High - November 11, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally.

Race Condition

Nov 2025: Windows Smart Card Reader Elevation of Privilege Vulnerability
CVE-2025-59505 7.8 - High - November 11, 2025

Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.

Double-free

Oct 2025: Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2025-59289 7 - High - October 14, 2025

Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

Double-free

Oct 2025: Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
CVE-2025-59287 9.8 - Critical - October 14, 2025

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

Marshaling, Unmarshaling

Oct 2025: Windows Authentication Elevation of Privilege Vulnerability
CVE-2025-59275 7.8 - High - October 14, 2025

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Improper Validation of Specified Type of Input

Oct 2025: Windows Authentication Elevation of Privilege Vulnerability
CVE-2025-59278 7.8 - High - October 14, 2025

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Improper Validation of Specified Type of Input

Oct 2025: Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-59261 7 - High - October 14, 2025

Time-of-check time-of-use (toctou) race condition in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

TOCTTOU

Oct 2025: Windows Search Service Denial of Service Vulnerability
CVE-2025-59253 5.5 - Medium - October 14, 2025

Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

Authorization

Oct 2025: Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability
CVE-2025-59260 5.5 - Medium - October 14, 2025

Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.

Information Disclosure

Oct 2025: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2025-59230 7.8 - High - October 14, 2025

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

Authorization

Oct 2025: NTLM Hash Disclosure Spoofing Vulnerability
CVE-2025-59244 6.5 - Medium - October 14, 2025

External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.

External Control of File Name or Path

Oct 2025: Microsoft Windows File Explorer Spoofing Vulnerability
CVE-2025-59214 6.5 - Medium - October 14, 2025

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

Information Disclosure

Oct 2025: Windows Push Notification Information Disclosure Vulnerability
CVE-2025-59209 5.5 - Medium - October 14, 2025

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally.

Information Disclosure

Oct 2025: Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-59205 7 - High - October 14, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Race Condition

Oct 2025: Windows MapUrlToZone Information Disclosure Vulnerability
CVE-2025-59208 7.1 - High - October 14, 2025

Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network.

Out-of-bounds Read

Oct 2025: Windows State Repository API Server File Information Disclosure Vulnerability
CVE-2025-59203 5.5 - Medium - October 14, 2025

Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally.

Insertion of Sensitive Information into Log File

Oct 2025: Windows Search Service Denial of Service Vulnerability
CVE-2025-59198 5 - Medium - October 14, 2025

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

Improper Input Validation

Oct 2025: Windows ETL Channel Information Disclosure Vulnerability
CVE-2025-59197 5.5 - Medium - October 14, 2025

Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally.

Insertion of Sensitive Information into Log File

Oct 2025: Windows Management Services Elevation of Privilege Vulnerability
CVE-2025-59193 7 - High - October 14, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

Race Condition

Oct 2025: Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2025-59191 7.8 - High - October 14, 2025

Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

Heap-based Buffer Overflow

Oct 2025: Storport.sys Driver Elevation of Privilege Vulnerability
CVE-2025-59192 7.8 - High - October 14, 2025

Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally.

Buffer Over-read

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows Server 2022 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Windows Server 2022
Product

subscribe