Microsoft Windows Server 2025
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Windows Server 2025.
By the Year
In 2025 there have been 32 vulnerabilities in Microsoft Windows Server 2025 with an average score of 6.9 out of ten. Last year, in 2024 Windows Server 2025 had 90 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Windows Server 2025 in 2025 could surpass last years number. Last year, the average CVE base score was greater by 0.67
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 32 | 6.92 |
2024 | 90 | 7.59 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Windows Server 2025 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows Server 2025 Security Vulnerabilities
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21417
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21413
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21411
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21409
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows upnphost.dll Denial of Service Vulnerability
CVE-2025-21389
7.5 - High
- January 14, 2025
Windows upnphost.dll Denial of Service Vulnerability
Resource Exhaustion
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-21382
7.8 - High
- January 14, 2025
Windows Graphics Component Elevation of Privilege Vulnerability
Integer Overflow or Wraparound
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2025-21378
7.8 - High
- January 14, 2025
Windows CSC Service Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows CSC Service Information Disclosure Vulnerability
CVE-2025-21374
5.5 - Medium
- January 14, 2025
Windows CSC Service Information Disclosure Vulnerability
Out-of-bounds Read
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2025-21372
7.8 - High
- January 14, 2025
Microsoft Brokering File System Elevation of Privilege Vulnerability
Dangling pointer
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21335
7.8 - High
- January 14, 2025
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Dangling pointer
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21334
7.8 - High
- January 14, 2025
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Dangling pointer
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVE-2025-21333
7.8 - High
- January 14, 2025
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21341
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
CVE-2025-21340
5.5 - Medium
- January 14, 2025
Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
Authorization
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21339
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
GDI+ Remote Code Execution Vulnerability
CVE-2025-21338
7.8 - High
- January 14, 2025
GDI+ Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Cryptographic Information Disclosure Vulnerability
CVE-2025-21336
5.6 - Medium
- January 14, 2025
Windows Cryptographic Information Disclosure Vulnerability
MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21332
8.8 - High
- January 14, 2025
MapUrlToZone Security Feature Bypass Vulnerability
Improper Resolution of Path Equivalence
Windows Remote Desktop Services Denial of Service Vulnerability
CVE-2025-21330
7.5 - High
- January 14, 2025
Windows Remote Desktop Services Denial of Service Vulnerability
Resource Exhaustion
MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21328
4.3 - Medium
- January 14, 2025
MapUrlToZone Security Feature Bypass Vulnerability
Improper Resolution of Path Equivalence
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21327
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Internet Explorer Remote Code Execution Vulnerability
CVE-2025-21326
7.8 - High
- January 14, 2025
Internet Explorer Remote Code Execution Vulnerability
Object Type Confusion
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21324
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21323
5.5 - Medium
- January 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability
Insertion of Sensitive Information into Log File
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21321
5.5 - Medium
- January 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability
Insertion of Sensitive Information into Log File
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21320
5.5 - Medium
- January 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability
Insertion of Sensitive Information into Log File
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21319
5.5 - Medium
- January 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability
Insertion of Sensitive Information into Log File
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21318
5.5 - Medium
- January 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability
Insertion of Sensitive Information into Log File
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21317
5.5 - Medium
- January 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability
Insertion of Sensitive Information into Log File
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-21316
5.5 - Medium
- January 14, 2025
Windows Kernel Memory Information Disclosure Vulnerability
Insertion of Sensitive Information into Log File
Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2025-21315
7.8 - High
- January 14, 2025
Microsoft Brokering File System Elevation of Privilege Vulnerability
Dangling pointer
MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21329
4.3 - Medium
- January 14, 2025
MapUrlToZone Security Feature Bypass Vulnerability
Improper Resolution of Path Equivalence
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49138
7.8 - High
- December 12, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49109
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49108
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
WmsRepair Service Elevation of Privilege Vulnerability
CVE-2024-49107
7.3 - High
- December 12, 2024
WmsRepair Service Elevation of Privilege Vulnerability
insecure temporary file
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49106
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-49105
8.4 - High
- December 12, 2024
Remote Desktop Client Remote Code Execution Vulnerability
Authorization
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49104
8.8 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49103
4.3 - Medium
- December 12, 2024
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Out-of-bounds Read
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49102
8.8 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49101
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49099
4.3 - Medium
- December 12, 2024
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Out-of-bounds Read
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49098
4.3 - Medium
- December 12, 2024
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
Out-of-bounds Read
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2024-49097
7 - High
- December 12, 2024
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Race Condition
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2024-49096
7.5 - High
- December 12, 2024
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Resource Exhaustion
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2024-49095
7 - High
- December 12, 2024
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
Race Condition
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49094
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-49093
8.8 - High
- December 12, 2024
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Incorrect Conversion between Numeric Types
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49092
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Domain Name Service Remote Code Execution Vulnerability
CVE-2024-49091
7.2 - High
- December 12, 2024
Windows Domain Name Service Remote Code Execution Vulnerability
Sensitive Data Storage in Improperly Locked Memory
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49090
7.8 - High
- December 12, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49089
7.2 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49088
7.8 - High
- December 12, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Buffer Over-read
Windows Mobile Broadband Driver Information Disclosure Vulnerability
CVE-2024-49087
4.6 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Information Disclosure Vulnerability
Improper Input Validation
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49086
8.8 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49085
8.8 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-49084
7 - High
- December 12, 2024
Windows Kernel Elevation of Privilege Vulnerability
Race Condition
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49083
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows File Explorer Information Disclosure Vulnerability
CVE-2024-49082
6.8 - Medium
- December 12, 2024
Windows File Explorer Information Disclosure Vulnerability
Directory traversal
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49081
6.6 - Medium
- December 12, 2024
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-49080
8.8 - High
- December 12, 2024
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Input Method Editor (IME) Remote Code Execution Vulnerability
CVE-2024-49079
7.8 - High
- December 12, 2024
Input Method Editor (IME) Remote Code Execution Vulnerability
Dangling pointer
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49078
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49077
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVE-2024-49076
7.8 - High
- December 12, 2024
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
authentification
Windows Remote Desktop Services Denial of Service Vulnerability
CVE-2024-49075
7.5 - High
- December 12, 2024
Windows Remote Desktop Services Denial of Service Vulnerability
Resource Exhaustion
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49073
6.8 - Medium
- December 12, 2024
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Improper Input Validation
Windows Task Scheduler Elevation of Privilege Vulnerability
CVE-2024-49072
7.8 - High
- December 12, 2024
Windows Task Scheduler Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49132
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2024-49129
7.5 - High
- December 12, 2024
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
Race Condition
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49128
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2024-49127
8.1 - High
- December 12, 2024
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Race Condition
Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability
CVE-2024-49126
8.1 - High
- December 12, 2024
Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability
Race Condition
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49125
8.8 - High
- December 12, 2024
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability
CVE-2024-49124
8.1 - High
- December 12, 2024
Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability
Race Condition
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49123
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-49122
8.1 - High
- December 12, 2024
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Race Condition
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2024-49121
7.5 - High
- December 12, 2024
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
NULL Pointer Dereference
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49120
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49119
8.1 - High
- December 12, 2024
Windows Remote Desktop Services Remote Code Execution Vulnerability
Race Condition
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-49118
8.1 - High
- December 12, 2024
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Race Condition