Lucene search
K
MicrosoftWindows 11 25h2

617 matches found

CVE
CVE
added 2025/10/14 5:1 p.m.507 views

CVE-2025-59230

CVE-2025-59230 describes an improper access control flaw in the Windows Remote Access Connection Manager (RasMan). The vulnerability allows an authenticated local user to elevate privileges to SYSTEM by manipulating RasMan’s IPC handling/ACLs, as reported in multiple sources. Exploitation activit...

7.8CVSS6.5AI score0.02615EPSS
In wild
CVE
CVE
added 2025/11/11 5:59 p.m.506 views

CVE-2025-62215

CVE-2025-62215 is a Windows Kernel race condition that enables local privilege escalation to SYSTEM by exploiting a concurrency window over kernel object handles, causing a double-free. A PoC exploit repository demonstrates a multithreaded trigger and heap spraying to achieve token elevation. Pub...

7CVSS5.8AI score0.061EPSS
In wild
CVE
CVE
added 2025/10/14 5:1 p.m.474 views

CVE-2025-55695

CVE-2025-55695 describes an out-of-bounds read vulnerability in the Windows WLAN Auto Config Service that enables an authorized local attacker to disclose information. The description in the initial document confirms the root cause (out-of-bounds read) and the impact (local information disclosure...

5.5CVSS6.1AI score0.00372EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.467 views

CVE-2025-59294

CVE-2025-59294 affects Windows Taskbar Live. The description indicates exposure of sensitive information to an unauthorized actor under physical access, enabling information disclosure. Connected documents provide limited details: the exact vulnerable component context and remediation are not spe...

4.6CVSS5.8AI score0.00573EPSS
CVE
CVE
added 2025/11/11 5:59 p.m.463 views

CVE-2025-59513

Technical details about CVE-2025-59513 are not publicly available in the provided documents. Monitor for updates from Microsoft and the CVE entry for affected components, impact, and remediation.

5.5CVSS5AI score0.0044EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.462 views

CVE-2025-59211

CVE-2025-59211 concerns exposure of sensitive information to an unauthorized actor in Windows Push Notification Core, enabling an attacker with local access to disclose information. The initial entry identifies a local attack vector with a medium base score (CVSS 3.1: AV=L, AC=L, PR=L, UI=N, S=U,...

5.5CVSS6.1AI score0.00554EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.451 views

CVE-2025-59204

CVE-2025-59204 concerns Windows Management Services and is triggered by use of an uninitialized resource, leading to local information disclosure. The impact is confidentiality loss with local attack vector (required local access, no user interaction). The connected documents confirm Windows secu...

5.5CVSS6.2AI score0.00468EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.439 views

CVE-2026-44815

CVE-2026-44815 is a stack-based buffer overflow in the Windows DHCP Client that enables remote code execution over the network. Affected component: Windows DHCP Client; root cause is a stack-based overflow. Consequences are remote code execution with high impact, as indicated by the CVSS vector (...

9.8CVSS6AI score0.011EPSS
CVE
CVE
added 2026/01/13 5:56 p.m.436 views

CVE-2026-20862

CVE-2026-20862 is a Windows Management Services information disclosure vulnerability. The description in the initial document states that it allows an authorized attacker to disclose sensitive information locally. The connected Nessus/NCSC/ENISA entries confirm this is a local-impact issue tied t...

5.5CVSS6.1AI score0.00614EPSS
CVE
CVE
added 2026/01/13 5:56 p.m.358 views

CVE-2026-20962

CVE-2026-20962 is described as a local-information-disclosure vulnerability in the Dynamic Root of Trust for Measurement (DRTM) mechanism. The initial and connected sources indicate an issue arising from use of an uninitialized resource, allowing an authorized attacker with local access to disclo...

4.4CVSS6.2AI score0.00399EPSS
CVE
CVE
added 2026/02/10 5:51 p.m.348 views

CVE-2026-21510

CVE-2026-21510 is a Windows Shell security feature bypass vulnerability (Protection Mechanism Failure) that can allow remote code execution by bypassing SmartScreen prompts and shell warnings. Affected component: Windows Shell (explorer.exe) and related UI elements. Exploitation requires social e...

8.8CVSS5.5AI score0.25835EPSS
In wild
CVE
CVE
added 2026/06/09 5:4 p.m.333 views

CVE-2026-45657

CVE-2026-45657 is a use-after-free in the Windows Kernel that enables a remote attacker to execute code over a network without user interaction. The formal CVSSv3.1 base score is 9.8 (CRITICAL), with network attack vector, low attack complexity, no privileges required, and high impact to confiden...

9.8CVSS5.7AI score0.15478EPSS
CVE
CVE
added 2026/02/10 5:51 p.m.294 views

CVE-2026-21533

CVE-2026-21533 affects Windows Remote Desktop Services (RDS) and is caused by improper privilege management (CWE-269), allowing a local authenticated attacker with low privileges to elevate to SYSTEM. Multiple connected sources corroborate that the issue is a local EoP in RDS with CVSSv3 7.8 (HIG...

7.8CVSS5.5AI score0.03846EPSS
In wild
CVE
CVE
added 2026/06/09 5:4 p.m.262 views

CVE-2026-47291

The CVE-2026-47291 entry describes an integer overflow/ wraparound in Windows HTTP.sys that enables a remote attacker to execute code over the network. Affected software component: Windows HTTP.sys. Root cause: integer overflow/wraparound in the HTTP.sys processing path. Impact: unauthenticated n...

9.8CVSS5.7AI score0.21506EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.260 views

CVE-2026-33824

CVE-2026-33824 is a Windows IKE Extension (ikeext) remote code execution vulnerability caused by a double-free in IKEEXT. ZDI notes it is wormable and affects systems with IKE enabled; exploitation can occur over UDP/500-4500 and may enable lateral movement from inside networks. Microsoft has iss...

9.8CVSS5.9AI score0.5585EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.224 views

CVE-2026-42904

CVE-2026-42904 is a Windows TCP/IP heap-based buffer overflow vulnerability that allows an unauthenticated attacker on an adjacent network to elevate privileges. The issue affects the Windows TCP/IP stack and is identified as a 9.6 (CRITICAL) CVSSv3.1 Base Score with attacker-friendly characteris...

9.6CVSS5.8AI score0.00438EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.167 views

CVE-2026-42992

CVE-2026-42992 describes a heap-based buffer overflow in the Remote Desktop Client that could allow an unauthenticated attacker to execute code over the network. The vulnerability affects the Remote Desktop Client as described across multiple sources (NVD, CVE listings, and Microsoft’s advisory)....

7.5CVSS6AI score0.00461EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.165 views

CVE-2026-45602

Technical details (affected product versions, root cause, exploit specifics, and remediation) are not publicly available in the provided documents. Monitor for updates from NVD and CVE List for CVE-2026-45602.

9.1CVSS5.4AI score0.00366EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.164 views

CVE-2026-45586

Technical details (affected product/component, root cause, impact, versions, or exploit information) are not publicly available in the provided documents. Monitor for updates.

7.8CVSS5.4AI score0.03028EPSS
CVE
CVE
added 2026/05/19 11:30 p.m.163 views

CVE-2026-45585

CVE-2026-45585 concerns a Windows security feature bypass publicly referred to as “YellowKey.” The CVE entry notes a mitigation path provided by Microsoft to protect against the vulnerability until an update is released. The CVSSv3.1 metrics indicate a MEDIUM base score (6.8) with physical attack...

6.8CVSS5.9AI score0.01249EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.161 views

CVE-2026-48576

CVE-2026-48576 is a Windows Secure Boot vulnerability described as a protection mechanism failure enabling a local attacker with high privileges to bypass a security feature. The available documents specify a local attack vector with low complexity and no user interaction, and a base CVSS 3.1 sco...

7.9CVSS7.1AI score0.01028EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.157 views

CVE-2026-33829

CVE-2026-33829 concerns the Windows Snipping Tool and is assigned a CVSSv3.1 base score of 4.3 (Medium). The vulnerability is described with a network attack vector but requires user interaction and does not affect integrity or availability, with confidentiality impact listed as Low. The metric i...

4.3CVSS5.8AI score0.03447EPSS
Web
CVE
CVE
added 2026/05/12 4:59 p.m.128 views

CVE-2026-40369

CVE-2026-40369 is a Windows Kernel elevation of privilege vulnerability described as an untrusted pointer dereference that could allow an authorized, local attacker to elevate privileges. Connected documents confirm this is affecting Windows kernel components across Windows 11 (versions in 25H2/2...

7.8CVSS5.9AI score0.04725EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.125 views

CVE-2026-45597

The CVE-2026-45597 issue affects Windows UI Automation Manager (uiamanager.dll). A race condition arises from concurrent execution with improper synchronization on a shared resource, enabling a local, authorized attacker to elevate privileges. Documents confirm the vulnerability type and impact (...

7CVSS5.6AI score0.00186EPSS
CVE
CVE
added 2025/06/05 12:0 a.m.124 views

CVE-2025-47827

Technical details for CVE-2025-47827 are not publicly provided in the supplied documents. The initial description notes a Secure Boot bypass via igel-flash-driver, but no additional technical specifics, affected versions, or fixes are included here. Monitor for updates.

4.6CVSS6.8AI score0.03817EPSS
In wild
CVE
CVE
added 2025/11/11 5:59 p.m.118 views

CVE-2025-60710

CVE-2025-60710 is a Windows privilege-escalation vulnerability in the Host Process for Windows Tasks caused by improper link resolution before file access (link following). The CVE entry notes local abuse by an authorized attacker and a high impact (C:H, I:H, A:H) with local attack vector and no ...

7.8CVSS5.3AI score0.04601EPSS
In wild
CVE
CVE
added 2026/06/09 5:4 p.m.117 views

CVE-2026-33828

CVE-2026-33828 affects Windows Device Health Attestation (DHA). The vulnerability is a trust boundary violation in Windows Attestation that allows an authorized local attacker to elevate privileges. CVSS v3.1 base metrics indicate high impact to confidentiality, integrity, and availability with l...

7.8CVSS5.4AI score0.0031EPSS
CVE
CVE
added 2025/12/09 5:56 p.m.114 views

CVE-2025-62221

CVE-2025-62221 is a local-elevation vulnerability in the Windows Cloud Files Mini Filter Driver (CLOUD FILES MINIFILTER DRIVER). It is a use-after-free condition in the driver that can allow an authorized local attacker to escalate to SYSTEM privileges. Public PoCs/Exploits exist (GitHub repos AB...

7.8CVSS6.7AI score0.02383EPSS
In wild
CVE
CVE
added 2026/02/10 5:51 p.m.109 views

CVE-2026-20846

CVE-2026-20846 describes a buffer over-read in Windows GDI+ that can be exploited over a network to cause a denial of service. The CVSS v3.1 base score is 7.5 (HIGH). Mitigation requires the Microsoft update per the MSRC vulnerability entry CVE-2026-20846.

7.5CVSS5.5AI score0.0134EPSS
CVE
CVE
added 2026/01/13 5:57 p.m.103 views

CVE-2026-20931

CVE-2026-20931 is a Windows Telephony Service elevation-of-privilege vulnerability described as external control of a file name or path. The connected sources confirm the affected component as Windows Telephony Service and the issue enables an attacker on an adjacent network to obtain increased p...

8CVSS6.5AI score0.0075EPSS
In wild
CVE
CVE
added 2026/03/10 5:5 p.m.99 views

CVE-2026-26128

CVE-2026-26128 concerns an elevation-of-privilege flaw in Windows SMB Server caused by improper authentication. The vulnerability affects Windows SMB Server and is described in connected sources as allowing an authorized local attacker to obtain higher privileges. Evidence from the connected docu...

7.8CVSS5.8AI score0.00447EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.99 views

CVE-2026-45604

CVE-2026-45604 is an out-of-bounds read vulnerability in the Windows AppID (Windows Application Identity) Subsystem that can allow an authorized local attacker to disclose information. The affected component is described as the AppID Subsystem; the root cause is an out-of-bounds read leading to i...

5.5CVSS5.4AI score0.00341EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.98 views

CVE-2026-33841

CVE-2026-33841 is a heap-based buffer overflow in the Windows kernel that allows an authorized, local attacker to elevate privileges. Public docs consistently describe the vulnerability as a local privilege escalation in Windows Kernel. The CVE has accompanying CVSSv3.1 metrics indicating local a...

7.8CVSS6AI score0.0031EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.98 views

CVE-2026-44803

CVE-2026-44803 describes an integer overflow/wraparound in Windows Win32K - GRFX that can allow a local attacker to execute code. The vulnerability is identified across multiple sources (NVD, CVE listing, and MSRC update page) and is classified with a high impact: local code execution, requiring ...

7.8CVSS5.7AI score0.00437EPSS
CVE
CVE
added 2025/11/11 5:59 p.m.97 views

CVE-2025-60724

Technical details about CVE-2025-60724 are not provided in the supplied documents. Connected KBs discuss OS updates and security fixes but do not specify vulnerable product versions, root cause, exploitation, or patch specifics for this CVE. Monitor for updates.

9.8CVSS6.1AI score0.05815EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.96 views

CVE-2025-25004

CVE-2025-25004 affects Microsoft PowerShell. The connected documents corroborate a local privilege escalation vulnerability due to improper access control, enabling an authorized attacker to obtain elevated privileges on the host. The advisory entries (including NCSC-2025-0313) assign CVSS v3.1/3...

7.3CVSS6.4AI score0.00434EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.94 views

CVE-2026-42978

CVE-2026-42978: A race condition due to improper synchronization in Windows Push Notifications leads to local privilege escalation for an authorized attacker. The CVSSv3.1 base score is 7.8 (LOCAL, HIGH impact on confidentiality, integrity, and availability) with HIGH attack complexity and LOW pr...

7.8CVSS5.6AI score0.00204EPSS
CVE
CVE
added 2026/06/09 5:6 p.m.92 views

CVE-2026-42985

CVE-2026-42985 is described in connected sources as a heap-based buffer overflow in the Remote Desktop Client that allows an unauthenticated attacker to execute code over the network. The initial and connected docs provide the vulnerability description and a high CVSS score (8.8, HIGH) with netwo...

8.8CVSS7.3AI score0.00981EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.87 views

CVE-2025-24990

CVE-2025-24990 is a local privilege escalation in the Microsoft‑supplied Agere Modem Driver (ltmdm64.sys). The issue is described as an untrusted pointer dereference within the driver, enabling a local attacker to escalate privileges to administrator. Microsoft addressed it by removing the driver...

7.8CVSS6.5AI score0.05793EPSS
In wild
CVE
CVE
added 2025/10/14 5:0 p.m.84 views

CVE-2025-59282

CVE-2025-59282 affects Inbox COM Objects. The vulnerability is a race condition caused by concurrent access to a shared resource, leading to potential local code execution by an authenticated attacker with local access. The score in public metrics lists a CVSS v3.1 base score of 7.0 (HIGH) with l...

7CVSS7.1AI score0.00575EPSS
CVE
CVE
added 2026/01/13 5:56 p.m.83 views

CVE-2026-20805

CVE-2026-20805 is a local information-disclosure vulnerability in Microsoft Windows Desktop Window Manager (dwm.exe). The provided documents describe that an authenticated, low-privilege user can leak sensitive information via improper handling of ALPC-related structures (ALPC ports/sections) and...

5.5CVSS6.1AI score0.05028EPSS
In wild
CVE
CVE
added 2026/05/12 4:59 p.m.80 views

CVE-2026-40403

CVE-2026-40403 describes a heap-based buffer overflow in Windows Win32K GRFX that could allow a locally authenticated attacker to execute code. Affected component is Windows graphics subsystem (Win32K GRFX); cause is a heap-based overflow. Impact per available data is local code execution with hi...

8.8CVSS6.1AI score0.00427EPSS
CVE
CVE
added 2025/12/09 5:56 p.m.79 views

CVE-2025-54100

CVE-2025-54100 is a PowerShell RCE vulnerability tied to improper neutralization during MSHTML-based HTML parsing when Invoke-WebRequest is used without -UseBasicParsing. Affected: Windows PowerShell 5.1 on Windows 10/11 and Windows Server 2008–2025; attack is locally exploitable with user intera...

7.8CVSS7AI score0.01523EPSS
Web
CVE
CVE
added 2026/02/10 5:51 p.m.79 views

CVE-2026-21519

CVE-2026-21519 is a local elevation-of-privilege flaw in Windows Desktop Window Manager caused by type confusion. An authenticated, low-privilege attacker can overwhelm DWM locally to gain SYSTEM rights, with no user interaction required. It has been identified as exploited in the wild by multipl...

7.8CVSS5.5AI score0.0242EPSS
In wild
CVE
CVE
added 2026/06/09 5:4 p.m.79 views

CVE-2026-40404

CVE-2026-40404 concerns a Windows Universal Disk Format (UDFS) File System Driver Elevation of Privilege. The vulnerability affects the UDFS component, with a local attack vector, requiring low privileges and no user interaction, and yields high impact to confidentiality, integrity, and availabil...

7.8CVSS5.4AI score0.00339EPSS
CVE
CVE
added 2026/03/10 5:4 p.m.77 views

CVE-2026-23673

Technical details are not publicly provided in the supplied documents. Monitor for updates.

7.8CVSS5.8AI score0.00383EPSS
CVE
CVE
added 2026/04/14 4:57 p.m.76 views

CVE-2026-26179

Technical details about CVE-2026-26179 are not provided in the available documents; no product/version specifics or exploit information are disclosed. Monitor for updates.

7.8CVSS5.7AI score0.0044EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.75 views

CVE-2026-33834

Technical details are not publicly available in the provided documents. No affected products/versions or remediation specifics are included here. Monitor for updates from official CVE/NVD entries to obtain concrete exploit info, mitigations, and fixes.

7.8CVSS5.8AI score0.00272EPSS
CVE
CVE
added 2026/04/14 4:56 p.m.74 views

CVE-2026-26151

CVE-2026-26151 describes insufficient UI warnings in Windows Remote Desktop that can enable a network attacker to spoof a remote session. The NVD entry lists a CVSS v3.1 base score of 7.1 (HIGH) with network access, no privileges required, user interaction required, and impact to confidentiality ...

7.1CVSS5.8AI score0.0083EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.71 views

CVE-2026-35421

CVE-2026-35421 describes a heap-based buffer overflow in Windows GDI that permits a local attacker to execute arbitrary code. The entry lists a CVSS v3.1 base score of 7.8 (HIGH) with LOCAL attack vector, LOW attack complexity, NO privileges required, user interaction required, and impacts to con...

7.8CVSS6.1AI score0.00532EPSS
Total number of security vulnerabilities617