📦 Windows 11 25h2

A heap-based buffer overflow vulnerability in Microsoft Graphics Component allows remote attackers to execute arbitrary code on vulnerable systems. This affects systems running Microsoft Windows with ...

This is a use-after-free vulnerability in Microsoft Graphics Component that allows an authenticated attacker to execute arbitrary code with elevated privileges over a network connection. It affects sy...

This vulnerability allows an authorized attacker with valid Remote Desktop credentials to elevate privileges on a Windows system. It affects Windows systems with Remote Desktop enabled, particularly t...

This vulnerability in the MSHTML Framework allows attackers to bypass security protections remotely, potentially enabling unauthorized access or code execution. It affects systems running vulnerable v...

A protection mechanism failure in Windows Shell allows attackers to bypass security features over a network, potentially enabling unauthorized access or privilege escalation. This affects Windows syst...

CVE-2026-21508 is an improper authentication vulnerability in Windows Storage that allows authenticated attackers to elevate privileges locally. This affects Windows systems where an attacker already ...

This vulnerability involves a use-after-free flaw in the Windows Mailslot File System that allows an authenticated attacker to execute arbitrary code with elevated privileges. It affects Windows syste...

CVE-2026-21250 is a local privilege escalation vulnerability in Windows HTTP.sys driver where an authorized attacker can exploit untrusted pointer dereference to gain SYSTEM privileges. This affects W...

A heap-based buffer overflow vulnerability in Microsoft Graphics Component allows authenticated attackers to execute arbitrary code with elevated privileges on affected systems. This affects Windows s...

A heap-based buffer overflow vulnerability in Windows Hyper-V allows authenticated attackers to execute arbitrary code on the host system. This affects systems running Hyper-V virtualization with auth...

This vulnerability is a use-after-free flaw in Windows Ancillary Function Driver for WinSock that allows an authenticated attacker to execute arbitrary code with elevated privileges. It affects Window...

A heap-based buffer overflow vulnerability in the Windows Kernel allows authenticated attackers to execute arbitrary code with elevated privileges. This affects Windows systems where an attacker alrea...

A race condition vulnerability in Windows Subsystem for Linux allows authenticated local attackers to escalate privileges by exploiting improper synchronization of shared resources. This affects Windo...

A heap-based buffer overflow vulnerability in the Windows Kernel allows authenticated attackers to execute arbitrary code with elevated privileges. This affects Windows systems where an attacker alrea...

CVE-2026-21232 is an untrusted pointer dereference vulnerability in Windows HTTP.sys that allows an authenticated attacker to escalate privileges locally. This affects Windows systems running vulnerab...

This vulnerability is a buffer over-read in Windows GDI+ that allows an unauthorized attacker to cause a denial of service over a network. It affects Windows systems with GDI+ components, potentially ...

A race condition vulnerability in the Capability Access Management Service (camsvc) allows authorized attackers to escalate privileges on local systems. This affects systems running vulnerable version...

This vulnerability allows an authenticated attacker to exploit improper link resolution in the Windows Task Host process to elevate privileges locally. Attackers could gain higher system permissions b...

This vulnerability in Windows Telephony Service allows an authorized attacker on the same network to manipulate file paths, potentially leading to privilege escalation. It affects Windows systems with...

A race condition vulnerability in Windows SMB Server allows authenticated attackers to execute code with elevated privileges over the network. This affects Windows systems running vulnerable SMB serve...

CVE-2026-20938 is an untrusted pointer dereference vulnerability in Windows Virtualization-Based Security (VBS) Enclave that allows an authenticated attacker to elevate privileges locally. This affect...

This vulnerability is a use-after-free flaw in Windows Management Services that allows an authenticated attacker to execute arbitrary code with elevated privileges on a local system. It affects Window...

A race condition vulnerability in Windows SMB Server allows authenticated attackers to escalate privileges over the network by exploiting improper synchronization of shared resources. This affects Win...

A race condition vulnerability in Windows SMB Server allows authenticated attackers to elevate privileges over the network. This affects Windows systems with SMB Server enabled, potentially allowing a...

A race condition vulnerability in Windows SMB Server allows authenticated attackers to elevate privileges over the network. This affects Windows systems with SMB Server enabled, potentially allowing a...

A heap-based buffer overflow vulnerability in Windows NTFS allows authenticated attackers to execute arbitrary code locally on affected systems. This affects Windows systems with NTFS file systems whe...

This CVE describes a use-after-free vulnerability in Windows Management Services that allows an authenticated attacker to execute arbitrary code with elevated privileges on the local system. It affect...

A race condition vulnerability in Windows Management Services allows authenticated attackers to execute code concurrently with improper synchronization, potentially leading to local privilege escalati...

This CVE describes a race condition vulnerability in Windows Management Services that allows an authenticated attacker to escalate privileges on a local system. The vulnerability affects Windows syste...

A null pointer dereference vulnerability in Windows LSASS allows attackers to cause a denial of service by crashing the service. This affects Windows systems where LSASS is running, potentially disrup...

This CVE describes a use-after-free vulnerability in Windows Management Services that allows an authenticated attacker to execute arbitrary code with elevated privileges on a local system. It affects ...

A race condition vulnerability in Windows Management Services allows authenticated attackers to escalate privileges on local systems. This affects Windows systems with the vulnerable service enabled, ...

This CVE describes a race condition vulnerability in Windows Management Services that allows an authenticated attacker to escalate privileges on a local system. Attackers can exploit improper synchron...

A heap-based buffer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows remote unauthenticated attackers to execute arbitrary code on affected systems. This affects Windo...

A race condition vulnerability in Windows Local Session Manager allows authenticated attackers to escalate privileges on affected systems. This affects Windows systems where an attacker already has so...

This CVE describes a use-after-free vulnerability in the Windows Win32K ICOMP component that allows an authenticated attacker to escalate privileges locally. Attackers could gain SYSTEM-level access o...

This CVE describes a use-after-free vulnerability in Desktop Windows Manager that allows an authenticated attacker to execute arbitrary code with elevated privileges. It affects Windows systems where ...

This CVE describes a race condition vulnerability in Windows Management Services that allows an authenticated attacker to escalate privileges on a local system. Attackers can exploit improper synchron...

This vulnerability involves a double-free memory corruption flaw in the Windows Win32K ICOMP component. An authenticated attacker could exploit this to execute arbitrary code with elevated SYSTEM priv...

This vulnerability is a heap-based buffer overflow in the Connected Devices Platform Service (Cdpsvc) on Windows systems. It allows an authenticated attacker with local access to execute arbitrary cod...

This vulnerability involves a use-after-free memory corruption flaw in Windows Management Services that allows an authenticated attacker to execute arbitrary code with elevated privileges on the local...

A race condition vulnerability in Windows Management Services allows authenticated attackers to execute code concurrently with improper synchronization, potentially leading to local privilege escalati...

This CVE describes a Windows Secure Boot certificate expiration issue where Microsoft's UEFI certificates are expiring in 2026. Devices with affected certificates may lose Secure Boot functionality if...

This vulnerability involves uninitialized resource usage in Dynamic Root of Trust for Measurement (DRTM) technology, allowing an authorized local attacker to potentially disclose sensitive information...

This vulnerability allows an authorized attacker with local access to a Windows system to access sensitive information through Windows File Explorer. It affects Windows users who have not applied the ...

This vulnerability in Windows File Explorer allows an authorized attacker with local access to a system to access sensitive information they shouldn't have permission to view. It affects Windows users...

This vulnerability allows an unauthorized local attacker to read sensitive information from Windows Virtualization-Based Security (VBS) Enclave memory through untrusted pointer dereference. It affects...

This vulnerability is an out-of-bounds read in Windows NDIS (Network Driver Interface Specification) that allows an authorized attacker with physical access to potentially disclose sensitive informati...

This vulnerability allows an authorized attacker with local access to a Windows system to access sensitive information through Windows File Explorer. It affects Windows users who have not applied the ...

This vulnerability allows an attacker to manipulate file paths in Windows NTLM authentication, enabling network spoofing attacks. Attackers can potentially impersonate legitimate users or services by ...

A race condition vulnerability in Windows SMB Server allows authenticated attackers to cause denial of service by exploiting improper synchronization of shared resources. This affects Windows systems ...

A heap-based buffer overflow vulnerability in Windows Virtualization-Based Security (VBS) Enclave allows authenticated attackers to execute arbitrary code with elevated privileges. This affects Window...

This vulnerability allows an attacker to manipulate file paths in Windows NTLM authentication, enabling network spoofing attacks. Attackers could impersonate legitimate users or systems by controlling...

This vulnerability in Windows Management Services allows an authenticated attacker to access sensitive information from the local system. It affects Windows systems with specific management services e...

This vulnerability in Windows Shell allows an authorized attacker to access sensitive information and perform spoofing attacks over a network. It affects Windows systems where an attacker has some lev...

This vulnerability allows an unauthorized local attacker to read memory outside the intended buffer in the Capability Access Management Service (camsvc), potentially exposing sensitive information. It...

This Windows Kernel vulnerability allows authenticated local attackers to extract sensitive information through error messages. Attackers with valid credentials on the system can exploit this to leak ...

This vulnerability allows an authorized attacker on a Windows system to access sensitive information through improper access control in the Client-Side Caching (CSC) service. It affects Windows system...

This CVE describes an absolute path traversal vulnerability in Windows Shell that allows an attacker with physical access to perform spoofing attacks. The vulnerability affects Windows systems and req...

This vulnerability allows an authorized attacker to perform an out-of-bounds read in the Capability Access Management Service (camsvc), potentially disclosing sensitive information from memory. Only l...

This vulnerability allows an authorized attacker with local access to a Windows system to access sensitive information through the Tablet Windows User Interface (TWUI) Subsystem. It affects Windows sy...

This vulnerability allows an unauthorized attacker with physical access to a Windows system to read memory beyond intended boundaries through Windows Internet Connection Sharing (ICS), potentially dis...

This vulnerability is an out-of-bounds read in Windows TPM (Trusted Platform Module) that allows an authorized attacker to read memory beyond allocated boundaries, potentially exposing sensitive infor...

This Windows Remote Procedure Call vulnerability allows unauthorized local attackers to access sensitive information from system memory. It affects Windows systems with RPC services enabled, potential...

This vulnerability allows an authorized attacker with local access to a Windows system to access sensitive information through Windows File Explorer. It affects Windows users who have not applied the ...

This vulnerability allows an unauthorized attacker to bypass a local security feature in Windows Remote Assistance. Attackers could potentially gain unauthorized access to remote assistance sessions. ...

This CVE describes an improper access control vulnerability in Windows Hyper-V that allows an authenticated attacker with local access to a Hyper-V host to potentially disclose sensitive information f...

This vulnerability allows an authorized attacker to exploit an untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave to disclose sensitive information locally. It affect...

This vulnerability in Desktop Windows Manager allows an authorized attacker with local access to disclose sensitive information from the system. It affects Windows systems where an attacker already ha...

This vulnerability allows an authorized attacker to perform tampering attacks against Windows LDAP services over a network. Attackers can manipulate LDAP directory data or operations when they have va...

This vulnerability in Microsoft Graphics Component allows an authenticated attacker to access sensitive information over a network connection. It affects systems running vulnerable versions of Microso...

Windows License Manager logs sensitive information to local files, allowing authenticated local users to read this data. This affects Windows systems with the vulnerable License Manager component. Onl...

This vulnerability allows an unauthorized local attacker to manipulate file paths in Windows NTLM authentication, potentially enabling spoofing attacks. It affects Windows systems with NTLM enabled, p...