Skip to main content

Windows 11 22h2

1507 CVEs product

Monthly

CVE-2025-50159 HIGH This Week

Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-50158 HIGH This Week

Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2025-50155 HIGH This Week

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Microsoft Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-50154 MEDIUM POC THREAT This Month

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%.

Microsoft Information Disclosure Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD GitHub Exploit-DB
CVSS 3.1
6.5
EPSS
15.1%
CVE-2025-50153 HIGH This Week

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Microsoft Windows 10 1507 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49762 HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-49761 HIGH This Month

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Microsoft Windows 10 1507 +15
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49751 MEDIUM This Month

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2025-49743 MEDIUM This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Information Disclosure Microsoft Race Condition Windows 10 1507 Windows 10 1607 +13
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2025-48807 MEDIUM CERT-EU This Month

Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Microsoft Information Disclosure Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2025-49744 HIGH POC PATCH This Week

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow Windows 10 22h2 Windows Server 2016 +11
NVD Exploit-DB
CVSS 3.1
7.0
EPSS
0.9%
CVE-2025-49742 HIGH PATCH This Week

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.

Microsoft Heap Overflow Buffer Overflow Windows 10 21h2 Windows Server 2008 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49740 HIGH PATCH This Week

Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.

Microsoft Authentication Bypass Windows Server 2019 Windows 10 22h2 Windows Server 2025 +11
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-49733 HIGH PATCH This Week

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 11 23h2 +10
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49732 HIGH PATCH This Week

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow Windows 10 1809 Windows 10 22h2 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49730 HIGH POC PATCH This Week

Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow Windows Server 2012 Windows 10 22h2 +14
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-49727 HIGH PATCH This Week

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow Windows Server 2025 Windows 11 22h2 +14
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2025-49726 HIGH PATCH This Week

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 10 22h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49725 HIGH PATCH This Week

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 10 22h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49724 HIGH PATCH This Week

Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 11 22h2 +10
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-49723 HIGH PATCH This Week

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.

Microsoft Authentication Bypass Windows Server 2019 Windows 10 21h2 Windows Server 2025 +8
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-49722 MEDIUM PATCH This Month

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.

Microsoft Denial Of Service Windows 10 21h2 Windows Server 2016 Windows 10 1507 +13
NVD
CVSS 3.1
5.7
EPSS
0.3%
CVE-2025-49721 HIGH PATCH This Week

Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow Windows Server 2012 Windows Server 2019 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49693 HIGH PATCH This Week

A privilege escalation vulnerability in Double free in Microsoft Brokering File System (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 11 24h2 Windows Server 2022 23h2 Windows 11 22h2 +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49691 HIGH PATCH This Week

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.

Microsoft Heap Overflow Buffer Overflow Windows 10 1607 Windows 11 22h2 +12
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-49690 HIGH PATCH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.

Race Condition Authentication Bypass Windows 11 23h2 Windows 10 21h2 Windows 11 24h2 +8
NVD
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-49689 HIGH PATCH This Week

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Information Disclosure Buffer Overflow Windows Server 2022 23h2 Windows Server 2019 Windows 10 22h2 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49687 HIGH PATCH This Week

Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Buffer Overflow Windows 10 22h2 Windows 11 23h2 +12
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-49686 HIGH PATCH This Week

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Microsoft Null Pointer Dereference Denial Of Service Windows Server 2022 Windows Server 2019 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49685 HIGH PATCH This Week

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows Server 2022 +8
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2025-49684 MEDIUM PATCH This Month

Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.

Buffer Overflow Windows 10 1507 Windows Server 2016 Windows Server 2019 Windows Server 2025 +11
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-49683 HIGH POC PATCH This Week

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.

Heap Overflow Buffer Overflow Windows 10 22h2 Windows 10 21h2 Windows 11 24h2 +13
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-49682 HIGH PATCH This Week

Use after free in Windows Media allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 11 24h2 +8
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-49680 HIGH PATCH This Week

Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.

Microsoft Information Disclosure Windows 11 24h2 Windows Server 2025 Windows 10 21h2 +11
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-49679 HIGH PATCH This Week

A privilege escalation vulnerability in Numeric truncation error in Windows Shell (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 10 22h2 Windows Server 2019 Windows Server 2016 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49678 HIGH PATCH This Week

Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.

Microsoft Race Condition Denial Of Service Windows Server 2016 Windows 10 22h2 +14
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-49677 HIGH POC PATCH This Week

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 11 22h2
NVD Exploit-DB
CVSS 3.1
7.0
EPSS
1.2%
CVE-2025-49675 HIGH PATCH This Week

Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

Use After Free Memory Corruption Denial Of Service Windows Server 2025 Windows 10 22h2 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49667 HIGH PATCH This Week

A privilege escalation vulnerability in Double free in Windows Win32K - ICOMP (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows Server 2025 Windows 10 1809 Windows Server 2012 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49665 HIGH PATCH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

Race Condition Information Disclosure Windows 10 1607 Windows Server 2022 Windows 10 1507 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49664 MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Windows Server 2019 Windows 11 22h2 Windows 10 21h2 +13
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-49661 HIGH PATCH This Week

A privilege escalation vulnerability in Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows Server 2008 Windows Server 2022 23h2 Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49660 HIGH PATCH This Week

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 10 21h2 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49659 HIGH PATCH This Week

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

Microsoft Buffer Overflow Windows Server 2025 Windows 10 1809 Windows Server 2019 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49658 MEDIUM PATCH This Month

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Buffer Overflow Windows Server 2019 Windows Server 2012 +14
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-48823 MEDIUM PATCH This Month

Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.

Microsoft Information Disclosure Windows 10 1607 Windows 10 22h2 Windows 11 22h2 +11
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-48822 HIGH PATCH This Week

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

Microsoft Information Disclosure Buffer Overflow Windows 11 23h2 Windows Server 2016 +11
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2025-48821 HIGH PATCH This Week

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 10 1507 +15
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-48820 HIGH PATCH This Week

Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 11 22h2 Windows Server 2019 Windows 11 24h2 +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-48819 HIGH PATCH This Week

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

Microsoft Information Disclosure Windows 11 22h2 Windows 10 1809 Windows Server 2022 23h2 +13
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-48818 MEDIUM PATCH This Month

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft Authentication Bypass Windows 11 22h2 Windows 10 1809 Windows 10 22h2 +11
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-48817 HIGH PATCH This Week

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Path Traversal Windows 10 21h2 Windows 10 1809 Windows Server 2025 Windows Server 2008 +14
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-48816 HIGH PATCH This Week

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.

Information Disclosure Buffer Overflow Windows 11 22h2 Windows Server 2022 23h2 Windows 10 22h2 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-48815 HIGH PATCH This Week

Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Memory Corruption Windows 10 1607 Windows Server 2016 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-48814 HIGH PATCH This Week

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.

Microsoft Authentication Bypass Windows Server 2022 23h2 Windows Server 2008 Windows 10 1809 +12
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-48811 MEDIUM PATCH This Month

A privilege escalation vulnerability (CVSS 6.7) that allows an authorized attacker. Remediation should follow standard vulnerability management procedures.

Microsoft Information Disclosure Windows Server 2022 23h2 Windows Server 2016 Windows 10 1507 +11
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-48808 MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Windows Server 2019 Windows Server 2022 23h2 Windows Server 2025 +13
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-48806 HIGH PATCH This Week

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows Server 2008 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-48805 HIGH PATCH This Week

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

Microsoft Heap Overflow Buffer Overflow Windows Server 2025 Windows 10 21h2 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-48804 MEDIUM PATCH This Month

A security vulnerability in Acceptance of extraneous untrusted data with trusted data in Windows BitLocker (CVSS 6.8) that allows an unauthorized attacker. Remediation should follow standard vulnerability management procedures.

Microsoft Authentication Bypass Windows 10 1507 Windows 11 23h2 Windows 10 1607 +12
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-48803 MEDIUM PATCH This Month

A privilege escalation vulnerability (CVSS 6.7) that allows an authorized attacker. Remediation should follow standard vulnerability management procedures.

Microsoft Information Disclosure Windows 11 22h2 Windows 11 23h2 Windows 10 21h2 +11
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-48802 MEDIUM PATCH This Month

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.

Microsoft Information Disclosure Windows Server 2022 23h2 Windows Server 2022 Windows 11 22h2 +2
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-48800 MEDIUM PATCH This Month

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft Authentication Bypass Windows 10 1607 Windows Server 2022 Windows 11 23h2 +11
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-48799 HIGH POC PATCH This Week

Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 10 1607 Windows 11 24h2 Windows 11 22h2 +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-48003 MEDIUM PATCH This Month

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft Authentication Bypass Windows 10 22h2 Windows Server 2022 Windows 11 22h2 +8
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-48001 MEDIUM PATCH This Month

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft Authentication Bypass Windows 10 1507 Windows 11 24h2 Windows 10 21h2 +12
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-48000 HIGH PATCH This Week

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

Microsoft Race Condition Denial Of Service Windows Server 2022 23h2 Windows 11 23h2 +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47999 MEDIUM PATCH This Month

A security vulnerability in Missing synchronization in Windows Hyper-V (CVSS 6.8) that allows an authorized attacker. Remediation should follow standard vulnerability management procedures.

Microsoft Information Disclosure Windows 10 1607 Windows Server 2022 23h2 Windows Server 2019 +10
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2025-47996 HIGH PATCH This Week

Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Buffer Overflow Windows Server 2016 Windows 10 1507 +14
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47991 HIGH PATCH This Week

Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows Server 2022 +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47987 HIGH POC PATCH This Week

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow Windows Server 2012 Windows Server 2019 +14
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47986 HIGH PATCH This Week

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

Use After Free Memory Corruption Denial Of Service Windows Server 2022 Windows 10 1809 +14
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-47985 HIGH PATCH This Week

A privilege escalation vulnerability in Untrusted pointer dereference in Windows Event Tracing (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 10 1607 Windows 11 23h2 Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47984 HIGH PATCH This Week

Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.

Microsoft Information Disclosure Windows Server 2008 Windows 11 22h2 Windows 10 22h2 +13
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-47982 HIGH PATCH This Week

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 10 1607 Windows Server 2025 Windows 11 23h2 +10
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47981 CRITICAL POC PATCH Act Now

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

Microsoft Heap Overflow Buffer Overflow Windows 10 21h2 Windows 11 23h2 +14
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-47980 MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

Microsoft Information Disclosure Windows Server 2022 Windows 11 24h2 Windows 10 1809 +13
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2025-47976 HIGH PATCH This Week

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption Denial Of Service Windows Server 2022 23h2 +15
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47975 HIGH PATCH This Week

A privilege escalation vulnerability in Double free in Windows SSDP Service (CVSS 7.0) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 10 1809 Windows 11 22h2 Windows 11 24h2 +13
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2025-47973 HIGH PATCH This Week

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Buffer Overflow Windows Server 2008 Windows Server 2016 Windows 10 21h2 Windows Server 2012 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47972 HIGH PATCH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network.

Microsoft Race Condition Information Disclosure Windows Server 2016 Windows Server 2022 +11
NVD
CVSS 3.1
8.0
EPSS
0.1%
CVE-2025-47971 HIGH PATCH This Week

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Buffer Overflow Windows 10 22h2 Windows 10 1607 Windows 10 1507 Windows 10 1809 +12
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-47159 HIGH PATCH This Week

Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 11 22h2 Windows 10 1507 Windows 10 22h2 +11
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-33054 HIGH PATCH This Week

A security vulnerability in Insufficient UI warning of dangerous operations in Remote Desktop Client (CVSS 8.1) that allows an unauthorized attacker. High severity vulnerability requiring prompt remediation.

Authentication Bypass Windows 11 24h2 Windows Server 2025 Windows 11 22h2 Windows 11 23h2 +1
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-47969 MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Windows Server 2025 Windows 11 24h2 Windows 11 23h2 +2
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2025-47955 HIGH PATCH This Week

Privilege escalation vulnerability in Windows Remote Access Connection Manager that allows an authenticated local attacker to elevate privileges to a higher integrity level without user interaction. The vulnerability affects Windows systems with Remote Access Connection Manager enabled and has a CVSS score of 7.8 (High severity). While no active exploitation in the wild has been publicly confirmed at this time, the local attack vector combined with low complexity and no user interaction requirement makes this a significant risk for multi-user or compromised systems where an attacker already has local access.

Microsoft Privilege Escalation Windows Windows Server 2022 Windows 10 1507 +13
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-47160 MEDIUM PATCH This Month

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

Microsoft Authentication Bypass Windows 10 1507 Windows 11 24h2 Windows Server 2016 +12
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2025-33075 HIGH PATCH This Week

Privilege escalation vulnerability in Windows Installer that exploits improper symlink/junction handling (CWE-59: link following) to allow an authorized local attacker to elevate privileges without user interaction. With a CVSS score of 7.8 and CVSS vector indicating local attack vector with low complexity and no user interaction required, this vulnerability affects Windows Installer across multiple versions. Real-world risk depends on KEV/CISA status and EPSS probability, which should be cross-referenced against active exploitation reports and POC availability.

Microsoft Windows Privilege Escalation Windows Server 2019 Windows Server 2025 +13
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2025-33073 HIGH POC KEV PATCH THREAT Act Now

Windows SMB contains an improper access control vulnerability (CVE-2025-33073, CVSS 8.8) enabling authenticated attackers to escalate privileges over the network. KEV-listed with EPSS 57.6% and public PoC, this vulnerability in the core Windows file sharing protocol affects every Windows system on the network, enabling lateral movement from any compromised domain account to SYSTEM-level access on SMB-accessible systems.

Microsoft Information Disclosure Windows Server 2022 Windows 11 24h2 Windows 10 21h2 +14
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
57.6%
Threat
6.5
CVE-2025-33070 HIGH PATCH This Week

Use-of-uninitialized-resource vulnerability in Windows Netlogon that allows unauthenticated network attackers to achieve privilege escalation through a complex exploitation path. The vulnerability affects Windows systems running Netlogon services and enables remote code execution with high impact on confidentiality, integrity, and availability. Given the network-based attack vector and lack of authentication requirements, this represents a significant threat to networked Windows environments, though exploitation requires specific conditions (high attack complexity).

Microsoft Authentication Bypass Windows 11 24h2 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
8.1
EPSS
0.4%
EPSS 0% CVSS 7.3
HIGH This Week

Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free +15
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Microsoft Information Disclosure Windows 10 1507 +15
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Microsoft +15
NVD
EPSS 15% CVSS 6.5
MEDIUM POC THREAT This Month

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%.

Microsoft Information Disclosure Windows 10 1507 +15
NVD GitHub Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free +14
NVD
EPSS 0% CVSS 7.0
HIGH This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Microsoft Race Condition +16
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free +17
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Windows 10 1607 +12
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Information Disclosure Microsoft Race Condition +15
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. Rated medium severity (CVSS 6.7). No vendor patch available.

Microsoft Information Disclosure Windows 10 1607 +12
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow +13
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.

Microsoft Heap Overflow Buffer Overflow +15
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.

Microsoft Authentication Bypass Windows Server 2019 +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow +15
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow +16
NVD Exploit-DB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +14
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.

Microsoft Use After Free Memory Corruption +12
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.

Microsoft Authentication Bypass Windows Server 2019 +10
NVD
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.

Microsoft Denial Of Service Windows 10 21h2 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A privilege escalation vulnerability in Double free in Microsoft Brokering File System (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 11 24h2 +4
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.

Microsoft Heap Overflow Buffer Overflow +14
NVD
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.

Race Condition Authentication Bypass Windows 11 23h2 +10
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Information Disclosure Buffer Overflow Windows Server 2022 23h2 +15
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Buffer Overflow +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

Microsoft Null Pointer Dereference Denial Of Service +16
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +10
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.

Buffer Overflow Windows 10 1507 Windows Server 2016 +13
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.

Heap Overflow Buffer Overflow Windows 10 22h2 +15
NVD Exploit-DB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Use after free in Windows Media allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +10
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.

Microsoft Information Disclosure Windows 11 24h2 +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A privilege escalation vulnerability in Numeric truncation error in Windows Shell (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 10 22h2 +15
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.

Microsoft Race Condition Denial Of Service +16
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +2
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

Use After Free Memory Corruption Denial Of Service +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A privilege escalation vulnerability in Double free in Windows Win32K - ICOMP (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows Server 2025 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

Race Condition Information Disclosure Windows 10 1607 +14
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Windows Server 2019 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A privilege escalation vulnerability in Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows Server 2008 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

Microsoft Buffer Overflow Windows Server 2025 +15
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Buffer Overflow +16
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.

Microsoft Information Disclosure Windows 10 1607 +13
NVD
EPSS 0% CVSS 8.6
HIGH PATCH This Week

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

Microsoft Information Disclosure Buffer Overflow +13
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

Microsoft Use After Free Memory Corruption +17
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 11 22h2 +13
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.

Microsoft Information Disclosure Windows 11 22h2 +15
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft Authentication Bypass Windows 11 22h2 +13
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Path Traversal Windows 10 21h2 Windows 10 1809 +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.

Information Disclosure Buffer Overflow Windows 11 22h2 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Memory Corruption +16
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.

Microsoft Authentication Bypass Windows Server 2022 23h2 +14
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

A privilege escalation vulnerability (CVSS 6.7) that allows an authorized attacker. Remediation should follow standard vulnerability management procedures.

Microsoft Information Disclosure Windows Server 2022 23h2 +13
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Windows Server 2019 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

Microsoft Use After Free Memory Corruption +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.

Microsoft Heap Overflow Buffer Overflow +15
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

A security vulnerability in Acceptance of extraneous untrusted data with trusted data in Windows BitLocker (CVSS 6.8) that allows an unauthorized attacker. Remediation should follow standard vulnerability management procedures.

Microsoft Authentication Bypass Windows 10 1507 +14
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

A privilege escalation vulnerability (CVSS 6.7) that allows an authorized attacker. Remediation should follow standard vulnerability management procedures.

Microsoft Information Disclosure Windows 11 22h2 +13
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.

Microsoft Information Disclosure Windows Server 2022 23h2 +4
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft Authentication Bypass Windows 10 1607 +13
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 10 1607 +8
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft Authentication Bypass Windows 10 22h2 +10
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Microsoft Authentication Bypass Windows 10 1507 +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

Microsoft Race Condition Denial Of Service +13
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

A security vulnerability in Missing synchronization in Windows Hyper-V (CVSS 6.8) that allows an authorized attacker. Remediation should follow standard vulnerability management procedures.

Microsoft Information Disclosure Windows 10 1607 +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Buffer Overflow +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +13
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

Microsoft Heap Overflow Buffer Overflow +16
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

Use After Free Memory Corruption Denial Of Service +16
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A privilege escalation vulnerability in Untrusted pointer dereference in Windows Event Tracing (CVSS 7.8) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 10 1607 +15
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.

Microsoft Information Disclosure Windows Server 2008 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 10 1607 +12
NVD
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

Microsoft Heap Overflow Buffer Overflow +16
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

Microsoft Information Disclosure Windows Server 2022 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Microsoft Use After Free Memory Corruption +17
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

A privilege escalation vulnerability in Double free in Windows SSDP Service (CVSS 7.0) that allows an authorized attacker. High severity vulnerability requiring prompt remediation.

Microsoft Information Disclosure Windows 10 1809 +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Buffer Overflow Windows Server 2008 Windows Server 2016 +14
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network.

Microsoft Race Condition Information Disclosure +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

Buffer Overflow Windows 10 22h2 Windows 10 1607 +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

Microsoft Information Disclosure Windows 11 22h2 +13
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

A security vulnerability in Insufficient UI warning of dangerous operations in Remote Desktop Client (CVSS 8.1) that allows an unauthorized attacker. High severity vulnerability requiring prompt remediation.

Authentication Bypass Windows 11 24h2 Windows Server 2025 +3
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally.

Microsoft Information Disclosure Windows Server 2025 +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation vulnerability in Windows Remote Access Connection Manager that allows an authenticated local attacker to elevate privileges to a higher integrity level without user interaction. The vulnerability affects Windows systems with Remote Access Connection Manager enabled and has a CVSS score of 7.8 (High severity). While no active exploitation in the wild has been publicly confirmed at this time, the local attack vector combined with low complexity and no user interaction requirement makes this a significant risk for multi-user or compromised systems where an attacker already has local access.

Microsoft Privilege Escalation Windows +15
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

Microsoft Authentication Bypass Windows 10 1507 +14
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation vulnerability in Windows Installer that exploits improper symlink/junction handling (CWE-59: link following) to allow an authorized local attacker to elevate privileges without user interaction. With a CVSS score of 7.8 and CVSS vector indicating local attack vector with low complexity and no user interaction required, this vulnerability affects Windows Installer across multiple versions. Real-world risk depends on KEV/CISA status and EPSS probability, which should be cross-referenced against active exploitation reports and POC availability.

Microsoft Windows Privilege Escalation +15
NVD
EPSS 58% 6.5 CVSS 8.8
HIGH POC KEV PATCH THREAT Act Now

Windows SMB contains an improper access control vulnerability (CVE-2025-33073, CVSS 8.8) enabling authenticated attackers to escalate privileges over the network. KEV-listed with EPSS 57.6% and public PoC, this vulnerability in the core Windows file sharing protocol affects every Windows system on the network, enabling lateral movement from any compromised domain account to SYSTEM-level access on SMB-accessible systems.

Microsoft Information Disclosure Windows Server 2022 +16
NVD Exploit-DB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Use-of-uninitialized-resource vulnerability in Windows Netlogon that allows unauthenticated network attackers to achieve privilege escalation through a complex exploitation path. The vulnerability affects Windows systems running Netlogon services and enables remote code execution with high impact on confidentiality, integrity, and availability. Given the network-based attack vector and lack of authentication requirements, this represents a significant threat to networked Windows environments, though exploitation requires specific conditions (high attack complexity).

Microsoft Authentication Bypass Windows 11 24h2 +15
NVD
Prev Page 2 of 17 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy