Microsoft Windows Subsystem For Linux
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Windows Subsystem For Linux.
Recent Microsoft Windows Subsystem For Linux Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-57973 | CVE-2026-57973 Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability | July 14, 2026 |
| CVE-2026-57968 | CVE-2026-57968 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | July 14, 2026 |
| CVE-2026-21237 | CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability | February 10, 2026 |
| CVE-2026-21242 | CVE-2026-21242 Windows Subsystem for Linux Elevation of Privilege Vulnerability | February 10, 2026 |
| CVE-2025-62220 | CVE-2025-62220 Windows Subsystem for Linux GUI Remote Code Execution Vulnerability | November 11, 2025 |
| CVE-2025-53788 | CVE-2025-53788 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | August 12, 2025 |
| CVE-2025-26675 | CVE-2025-26675 Windows Subsystem for Linux Elevation of Privilege Vulnerability | April 8, 2025 |
| CVE-2025-24084 | CVE-2025-24084 Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability | March 11, 2025 |
| CVE-2024-20681 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | January 9, 2024 |
| CVE-2022-44689 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | December 13, 2022 |
By the Year
In 2026 there have been 2 vulnerabilities in Microsoft Windows Subsystem For Linux with an average score of 7.1 out of ten. Last year, in 2025 Windows Subsystem For Linux had 3 security vulnerabilities published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Last year, the average CVE base score was greater by 0.68
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 7.05 |
| 2025 | 3 | 7.73 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 7.40 |
| 2021 | 1 | 9.80 |
It may take a day or so for new Windows Subsystem For Linux vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows Subsystem For Linux Security Vulnerabilities
Jul 2026: Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
CVE-2026-57968
7.8 - High
- July 14, 2026
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
Buffer Over-read
Jul 2026: Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability
CVE-2026-57973
6.3 - Medium
- July 14, 2026
Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally.
TOCTTOU
Aug 2025: Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
CVE-2025-53788
7 - High
- August 12, 2025
Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
TOCTTOU
Apr 2025: Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2025-26675
7.8 - High
- April 08, 2025
Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
Out-of-bounds Read
Mar 2025: Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability
CVE-2025-24084
8.4 - High
- March 11, 2025
Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.
Untrusted Pointer Dereference
WSL2 Kernel Privilege Escalation Vulnerability
CVE-2022-44689
7.8 - High
- December 13, 2022
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
WSL2 Kernel Elevation of Privilege in MS WSL2
CVE-2022-38014
7 - High
- November 09, 2022
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Race Condition
Visual Studio Code WSL Extension Remote Code Execution Vulnerability
CVE-2021-43907
9.8 - Critical
- December 15, 2021
Visual Studio Code WSL Extension Remote Code Execution Vulnerability
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows Subsystem For Linux or by Microsoft? Click the Watch button to subscribe.