CVE-2025-26651

Exposed dangerous method or function in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...

CVE-2025-21191

Time-of-check time-of-use toctou race condition in Windows Local Security Authority LSA allows an authorized attacker to elevate privileges locally...

CVE-2025-27478

Heap-based buffer overflow in Windows Local Security Authority LSA allows an authorized attacker to elevate privileges locally...

CVE-2025-27731

Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally...

CVE-2025-27478

Heap-based buffer overflow in Windows Local Security Authority LSA allows an authorized attacker to elevate privileges locally...

CVE-2025-26651

Exposed dangerous method or function in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...

CVE-2025-26651

Exposed dangerous method or function in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...

CVE-2025-21191

Time-of-check time-of-use toctou race condition in Windows Local Security Authority LSA allows an authorized attacker to elevate privileges locally...

CVE-2025-26651 Windows Local Session Manager (LSM) Denial of Service Vulnerability

...

CVE-2025-26651

CVE-2025-26651 is a Windows Local Session Manager (LSM) denial-of-service vulnerability. An authorized attacker could trigger a network-based DoS by exploiting an exposed dangerous method/function in LSM. The issue is documented across multiple sources and is being addressed by Microsoft security...

CVE-2025-21191

CVE-2025-21191 affects Windows Local Security Authority (LSA) with a time-of-check/time-of-use race condition that enables an authorized local attacker to elevate privileges (obtaining increased entitlements). The vulnerability is categorized under local privilege escalation and is documented in ...

CVE-2025-27478

CVE-2025-27478 is a heap-based buffer overflow in Windows Local Security Authority (LSA) that enables a locally authenticated attacker to elevate privileges. The CVE is rated CVSS v3.1 7.0 (HIGH) with Local access, high confidentiality/integrity/availability impact. Connected sources confirm the ...

Windows Local Session Manager (LSM) Denial of Service Vulnerability

Exposed dangerous method or function in Windows Local Session Manager LSM allows an authorized attacker to deny service over a network...

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Local Security Authority LSA allows an authorized attacker to elevate privileges locally...

PT-2025-15503 · Microsoft · Windows Local Session Manager +1

Name of the Vulnerable Software and Affected Versions: Windows Local Session Manager LSM affected versions not specified Description: A denial-of-service issue exists, allowing an authorized attacker to deny service over a network by exploiting an exposed dangerous method or function in the Windo...

PT-2025-15537 · Microsoft · Windows Local Security Authority +1

Name of the Vulnerable Software and Affected Versions: Windows Local Security Authority LSA affected versions not specified Description: A heap-based buffer overflow issue allows an authorized attacker to elevate privileges locally. This elevation-of-privilege issue can be exploited by attackers ...

PT-2025-15479 · Microsoft · Windows Local Security Authority +1

Name of the Vulnerable Software and Affected Versions: Windows Local Security Authority LSA affected versions not specified Description: A time-of-check time-of-use toctou race condition exists, allowing an authorized attacker to elevate privileges locally. This issue can be exploited by attacker...

Kyaan 1.0 SQL Injection

Kyaan version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: kyaan - Multiple Vulnerabilities Date: March 27, 2025 Exploit Author: wa03 Telegram: @wa03 Vendor Homepage: https://kyaan.co Version: 1.0 Tested on: Windows local xampp DBMS: MySQL CVE: N/A Google Dork:...

CVE-2024-43522

Windows Local Security Authority LSA Elevation of Privilege Vulnerability...

July 9, 2024—KB5040438 (OS Build 25398.1009)

July 9, 2024—KB5040438 OS Build 25398.1009 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...