Windows 11 21h2 Security Vulnerabilities and Issues — Windows 11 21h2 CVE List

Summary:As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerab...

6.7CVSS5.8AI score0.00705EPSS

CVE•added 2024/09/10 5:15 p.m.•461 views

CVE-2024-38014

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.0957EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•457 views

CVE-2024-26169

Windows Error Reporting Service Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.26702EPSS

In wild

CVE•added 2024/08/08 2:15 a.m.•456 views

CVE-2024-38202

SummaryMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attack...

7.3CVSS8.2AI score0.04136EPSS

CVE•added 2024/10/08 6:15 p.m.•456 views

CVE-2024-43573

Windows MSHTML Platform Spoofing Vulnerability

8.1CVSS7.4AI score0.08507EPSS

In wild

CVE•added 2024/02/13 6:15 p.m.•425 views

CVE-2024-21351

Windows SmartScreen Security Feature Bypass Vulnerability

7.6CVSS8.5AI score0.06234EPSS

In wild

CVE•added 2024/05/14 5:17 p.m.•413 views

CVE-2024-30051

Windows DWM Core Library Elevation of Privilege Vulnerability

7.8CVSS6.4AI score0.50935EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•412 views

CVE-2024-21429

Windows USB Hub Driver Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.00233EPSS

CVE•added 2024/02/13 6:15 p.m.•408 views

CVE-2024-21340

Windows Kernel Information Disclosure Vulnerability

4.6CVSS5.3AI score0.00131EPSS

CVE•added 2024/06/11 5:15 p.m.•408 views

CVE-2024-30088

Windows Kernel Elevation of Privilege Vulnerability

7CVSS6.9AI score0.87345EPSS

In wild

CVE•added 2024/01/09 6:15 p.m.•376 views

CVE-2024-20666

BitLocker Security Feature Bypass Vulnerability

6.6CVSS6.8AI score0.11655EPSS

In wild

CVE•added 2024/06/11 5:16 p.m.•363 views

CVE-2024-35250

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.44509EPSS

In wild

CVE•added 2024/04/09 5:16 p.m.•344 views

CVE-2024-29988

SmartScreen Prompt Security Feature Bypass Vulnerability

8.8CVSS8.4AI score0.64766EPSS

In wild

CVE•added 2024/10/08 6:15 p.m.•343 views

CVE-2024-43583

Winlogon Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.08214EPSS

CVE•added 2024/03/12 5:15 p.m.•342 views

CVE-2024-26161

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01471EPSS

CVE•added 2024/10/08 6:15 p.m.•336 views

CVE-2024-30092

Windows Hyper-V Remote Code Execution Vulnerability

8CVSS8.3AI score0.00441EPSS

CVE•added 2024/07/09 5:15 p.m.•335 views

CVE-2024-38112

Windows MSHTML Platform Spoofing Vulnerability

7.5CVSS8.8AI score0.92309EPSS

In wild

CVE•added 2024/09/10 5:15 p.m.•325 views

CVE-2024-43461

Windows MSHTML Platform Spoofing Vulnerability

8.8CVSS9.3AI score0.09813EPSS

In wild

CVE•added 2024/05/14 5:17 p.m.•305 views

CVE-2024-30040

Windows MSHTML Platform Security Feature Bypass Vulnerability

8.8CVSS6.3AI score0.50556EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•294 views

CVE-2024-21408

Windows Hyper-V Denial of Service Vulnerability

5.5CVSS6.8AI score0.00478EPSS

CVE•added 2024/08/14 12:15 a.m.•288 views

CVE-2024-38163

Windows Update Stack Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.00996EPSS

CVE•added 2024/04/09 5:15 p.m.•281 views

CVE-2024-26229

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.85832EPSS

CVE•added 2024/01/09 6:15 p.m.•279 views

CVE-2024-20674

Windows Kerberos Security Feature Bypass Vulnerability

8.8CVSS8.4AI score0.15936EPSS

CVE•added 2024/08/13 6:15 p.m.•279 views

CVE-2024-38193

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.6447EPSS

In wild

CVE•added 2024/08/13 6:15 p.m.•279 views

CVE-2024-38213

Windows Mark of the Web Security Feature Bypass Vulnerability

6.5CVSS6.5AI score0.73855EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•277 views

CVE-2024-21407

Windows Hyper-V Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.05403EPSS

CVE•added 2024/10/08 6:15 p.m.•276 views

CVE-2024-43584

Windows Scripting Engine Security Feature Bypass Vulnerability

8.4CVSS7.8AI score0.00371EPSS

CVE•added 2024/08/13 6:15 p.m.•272 views

CVE-2024-38178

Scripting Engine Memory Corruption Vulnerability

7.5CVSS7.4AI score0.18494EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•270 views

CVE-2024-21438

Microsoft AllJoyn API Denial of Service Vulnerability

7.5CVSS7.6AI score0.03412EPSS

CVE•added 2024/09/10 5:15 p.m.•268 views

CVE-2024-21416

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9AI score0.05048EPSS

CVE•added 2024/07/09 5:15 p.m.•267 views

CVE-2024-38080

Windows Hyper-V Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.21315EPSS

In wild

CVE•added 2024/04/09 5:15 p.m.•258 views

CVE-2024-26207

Windows Remote Access Connection Manager Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00465EPSS

CVE•added 2024/08/13 6:15 p.m.•255 views

CVE-2024-38106

Windows Kernel Elevation of Privilege Vulnerability

7CVSS6.9AI score0.00367EPSS

In wild

CVE•added 2024/01/09 6:15 p.m.•254 views

CVE-2024-20652

Windows HTML Platforms Security Feature Bypass Vulnerability

8.1CVSS8AI score0.03082EPSS

CVE•added 2024/09/10 5:15 p.m.•254 views

CVE-2024-38217

Windows Mark of the Web Security Feature Bypass Vulnerability

5.4CVSS7.3AI score0.13392EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•250 views

CVE-2024-26190

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.00623EPSS

CVE•added 2024/08/13 6:15 p.m.•250 views

CVE-2024-38118

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

5.5CVSS5.2AI score0.00541EPSS

CVE•added 2024/03/12 5:15 p.m.•247 views

CVE-2024-21437

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.03014EPSS

CVE•added 2024/08/13 6:15 p.m.•244 views

CVE-2024-38107

Windows Power Dependency Coordinator Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.03662EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•243 views

CVE-2024-21433

Windows Print Spooler Elevation of Privilege Vulnerability

7CVSS8AI score0.00833EPSS

CVE•added 2024/03/12 5:15 p.m.•242 views

CVE-2024-26162

Microsoft ODBC Driver Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.0223EPSS

CVE•added 2024/03/12 5:15 p.m.•242 views

CVE-2024-26166

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01471EPSS

CVE•added 2024/02/13 6:15 p.m.•241 views

CVE-2024-21358

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.0192EPSS

CVE•added 2024/02/13 6:15 p.m.•241 views

CVE-2024-21372

Windows OLE Remote Code Execution Vulnerability

8.8CVSS9AI score0.0153EPSS

CVE•added 2024/10/08 6:15 p.m.•241 views

CVE-2024-37976

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

6.7CVSS7.3AI score0.0035EPSS

Total number of security vulnerabilities455