Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-25187 (GCVE-0-2026-25187)
Vulnerability from cvelistv5 – Published: 2026-03-10 17:04 – Updated: 2026-05-26 17:11Title
Winlogon Elevation of Privilege Vulnerability
Summary
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Assigner
References
3 references
Impacted products
21 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 10 Version 1607 |
Affected:
10.0.14393.0 , < 10.0.14393.8957
(custom)
|
|
| Microsoft | Windows 10 Version 1809 |
Affected:
10.0.17763.0 , < 10.0.17763.8511
(custom)
|
|
| Microsoft | Windows 10 Version 21H2 |
Affected:
10.0.19044.0 , < 10.0.19044.7058
(custom)
|
|
| Microsoft | Windows 10 Version 22H2 |
Affected:
10.0.19045.0 , < 10.0.19045.7058
(custom)
|
|
| Microsoft | Windows 11 version 22H3 |
Affected:
10.0.22631.0 , < 10.0.22631.6783
(custom)
|
|
| Microsoft | Windows 11 Version 23H2 |
Affected:
10.0.22631.0 , < 10.0.22631.6783
(custom)
|
|
| Microsoft | Windows 11 Version 24H2 |
Affected:
10.0.26100.0 , < 10.0.26100.8037
(custom)
|
|
| Microsoft | Windows 11 Version 25H2 |
Affected:
10.0.26200.0 , < 10.0.26200.8037
(custom)
|
|
| Microsoft | Windows 11 version 26H1 |
Affected:
10.0.28000.0 , < 10.0.28000.1719
(custom)
|
|
| Microsoft | Windows Server 2012 |
Affected:
6.2.9200.0 , < 6.2.9200.25973
(custom)
|
|
| Microsoft | Windows Server 2012 (Server Core installation) |
Affected:
6.2.9200.0 , < 6.2.9200.25973
(custom)
|
|
| Microsoft | Windows Server 2012 R2 |
Affected:
6.3.9600.0 , < 6.3.9600.23074
(custom)
|
|
| Microsoft | Windows Server 2012 R2 (Server Core installation) |
Affected:
6.3.9600.0 , < 6.3.9600.23074
(custom)
|
|
| Microsoft | Windows Server 2016 |
Affected:
10.0.14393.0 , < 10.0.14393.8957
(custom)
|
|
| Microsoft | Windows Server 2016 (Server Core installation) |
Affected:
10.0.14393.0 , < 10.0.14393.8957
(custom)
|
|
| Microsoft | Windows Server 2019 |
Affected:
10.0.17763.0 , < 10.0.17763.8511
(custom)
|
|
| Microsoft | Windows Server 2019 (Server Core installation) |
Affected:
10.0.17763.0 , < 10.0.17763.8511
(custom)
|
|
| Microsoft | Windows Server 2022 |
Affected:
10.0.20348.0 , < 10.0.20348.4893
(custom)
|
|
| Microsoft | Windows Server 2022, 23H2 Edition (Server Core installation) |
Affected:
10.0.25398.0 , < 10.0.25398.2207
(custom)
|
|
| Microsoft | Windows Server 2025 |
Affected:
10.0.26100.0 , < 10.0.26100.32522
(custom)
|
|
| Microsoft | Windows Server 2025 (Server Core installation) |
Affected:
10.0.26100.0 , < 10.0.26100.32522
(custom)
|
Date Public
2026-03-10 14:00
KEVintel KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: eb97edde-e125-4fca-b1bf-780359c44eb3
Exploited: Yes
Timestamps
First Seen: 2026-04-19
Asserted: 2026-04-19
Scope
Notes: KEVIntel entry: Winlogon Elevation of Privilege Vulnerability | Affected: Microsoft / Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation) | CVSS: 7.8 (HIGH) | Used in malware: unknown | Not yet in CISA KEV: True
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | Winlogon Elevation of Privilege Vulnerability |
| Vendor | Microsoft |
| Product | Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation) |
| Added Date | 2026-04-19T13:49:43.340Z |
| Cvss Score | 7.8 |
| Epss Score | None |
| Cvss Severity | HIGH |
| Epss Percentile | None |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | True |
References
Created: 2026-06-19 12:45 UTC
| Updated: 2026-06-19 12:45 UTC
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T03:55:28.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-26T17:11:46.910Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2026-25187-detection-script-winlogon-elevation-of-privilege-vulnerability"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2026-25187-mitigation-script-winlogon-elevation-of-privilege-vulnerability"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.8957",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8511",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.7058",
"status": "affected",
"version": "10.0.19044.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.7058",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 11 version 22H3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.6783",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 11 Version 23H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.6783",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 24H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.8037",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 25H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26200.8037",
"status": "affected",
"version": "10.0.26200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 26H1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.28000.1719",
"status": "affected",
"version": "10.0.28000.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25973",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25973",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.23074",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.23074",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.8957",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.8957",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8511",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8511",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.4893",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.2207",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.32522",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.32522",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.8511",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.8511",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.8511",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.4893",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.7058",
"versionStartIncluding": "10.0.19044.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.7058",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.32522",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26200.8037",
"versionStartIncluding": "10.0.26200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.6783",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.6783",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.2207",
"versionStartIncluding": "10.0.25398.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.8037",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.32522",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.8957",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.8957",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.8957",
"versionStartIncluding": "10.0.14393.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25973",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.2.9200.25973",
"versionStartIncluding": "6.2.9200.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.23074",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "6.3.9600.23074",
"versionStartIncluding": "6.3.9600.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.28000.1719",
"versionStartIncluding": "10.0.28000.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-03-10T14:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper link resolution before file access (\u0027link following\u0027) in Winlogon allows an authorized attacker to elevate privileges locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T16:36:00.587Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Winlogon Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187"
}
],
"title": "Winlogon Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-25187",
"datePublished": "2026-03-10T17:04:58.796Z",
"dateReserved": "2026-01-29T18:36:49.696Z",
"dateUpdated": "2026-05-26T17:11:46.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-25187",
"date": "2026-06-18",
"epss": "0.03178",
"percentile": "0.86394"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-25187\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2026-03-10T18:18:35.413\",\"lastModified\":\"2026-05-26T18:16:39.383\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper link resolution before file access (\u0027link following\u0027) in Winlogon allows an authorized attacker to elevate privileges locally.\"},{\"lang\":\"es\",\"value\":\"Resoluci\u00f3n de enlaces incorrecta antes del acceso a archivos (\u0027seguimiento de enlaces\u0027) en Winlogon permite a un atacante autorizado elevar privilegios localmente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.14393.8957\",\"matchCriteriaId\":\"5AA53525-2EE3-4815-9EEB-49572C16AFC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.14393.8957\",\"matchCriteriaId\":\"CB112C3D-A9C8-41A3-A3DD-ACB42387D087\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.17763.8511\",\"matchCriteriaId\":\"B2DCF6CD-BA92-4DB2-855E-DE8158AC6B57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.17763.8511\",\"matchCriteriaId\":\"40D953EB-E3B1-471A-8400-957984A092EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.19044.7058\",\"matchCriteriaId\":\"35CA4CA1-5EDE-4612-9C17-9AA167F773B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.19044.7058\",\"matchCriteriaId\":\"C18770C8-2B7F-4212-8A4F-1101ABFF4C44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.19044.7058\",\"matchCriteriaId\":\"DD070C42-5A71-4D20-B9BA-766565DFC99B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.19045.7058\",\"matchCriteriaId\":\"17DCF9E0-A09A-48A3-B281-D22EE76B8062\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.19045.7058\",\"matchCriteriaId\":\"51FF473A-566D-45FB-868D-03F3907E094A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.19045.7058\",\"matchCriteriaId\":\"5FC02001-58B6-4EE4-9552-003F2412ED0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.22631.6783\",\"matchCriteriaId\":\"E8B076BC-42F9-4972-BE73-3874E694CD3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.22631.6783\",\"matchCriteriaId\":\"6E98A971-B530-4289-B7B2-8403BD2DAD07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.26100.7979\",\"matchCriteriaId\":\"3381C469-C150-4724-8A53-E11794797D9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.26100.7979\",\"matchCriteriaId\":\"6F1A77F2-59BC-4F92-81A0-2A4E8981FEFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.26200.7979\",\"matchCriteriaId\":\"58F3AA3B-9960-48F9-B013-8CF6BA09893C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.26200.7979\",\"matchCriteriaId\":\"F113DAFC-91E5-42C1-A2C3-B9C9286D240B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.28000.1719\",\"matchCriteriaId\":\"30606CC6-21D2-4EAC-B568-DABA2786EC61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.28000.1719\",\"matchCriteriaId\":\"62E818F7-1053-4CD2-9CCE-EF84D3FA7861\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DF96F8-BA6A-4780-9CA3-F719B3F81074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB18C4CE-5917-401E-ACF7-2747084FD36E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.14393.8957\",\"matchCriteriaId\":\"E31E4CDC-138B-41CF-927A-0528A6F605FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.8511\",\"matchCriteriaId\":\"2DA555D5-4452-4CD0-AB68-BA175C34EC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.20348.4830\",\"matchCriteriaId\":\"C037CFF5-1294-4724-A28C-42B72A7F0B2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.25398.2207\",\"matchCriteriaId\":\"4A3C9232-BEAB-4D6B-B465-4C4643098054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.26100.32463\",\"matchCriteriaId\":\"04014C9F-24B4-4A7A-B2E1-B80EFB7F6D4E\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2026-25187-detection-script-winlogon-elevation-of-privilege-vulnerability\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2026-25187-mitigation-script-winlogon-elevation-of-privilege-vulnerability\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2026-25187-detection-script-winlogon-elevation-of-privilege-vulnerability\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2026-25187-mitigation-script-winlogon-elevation-of-privilege-vulnerability\"}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-05-26T17:11:46.910Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-25187\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-10T18:39:56.729955Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-10T18:39:57.707Z\"}}], \"cna\": {\"title\": \"Winlogon Elevation of Privilege Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1607\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.8957\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1809\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.8511\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 21H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19044.0\", \"lessThan\": \"10.0.19044.7058\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19045.0\", \"lessThan\": \"10.0.19045.7058\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H3\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.6783\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 23H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.6783\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 24H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.8037\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 25H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26200.0\", \"lessThan\": \"10.0.26200.8037\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 26H1\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.28000.0\", \"lessThan\": \"10.0.28000.1719\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.9200.0\", \"lessThan\": \"6.2.9200.25973\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.9200.0\", \"lessThan\": \"6.2.9200.25973\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.23074\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2012 R2 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.9600.0\", \"lessThan\": \"6.3.9600.23074\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.8957\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2016 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.14393.0\", \"lessThan\": \"10.0.14393.8957\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.8511\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.8511\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.20348.0\", \"lessThan\": \"10.0.20348.4893\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022, 23H2 Edition (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.25398.0\", \"lessThan\": \"10.0.25398.2207\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.32522\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.32522\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2026-03-10T14:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187\", \"name\": \"Winlogon Elevation of Privilege Vulnerability\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Improper link resolution before file access (\u0027link following\u0027) in Winlogon allows an authorized attacker to elevate privileges locally.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-59\", \"description\": \"CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.8511\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.8511\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.8511\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.20348.4893\", \"versionStartIncluding\": \"10.0.20348.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19044.7058\", \"versionStartIncluding\": \"10.0.19044.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19045.7058\", \"versionStartIncluding\": \"10.0.19045.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.32522\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26200.8037\", \"versionStartIncluding\": \"10.0.26200.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.6783\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.6783\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.25398.2207\", \"versionStartIncluding\": \"10.0.25398.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.8037\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.32522\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.8957\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.8957\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.14393.8957\", \"versionStartIncluding\": \"10.0.14393.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.2.9200.25973\", \"versionStartIncluding\": \"6.2.9200.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.2.9200.25973\", \"versionStartIncluding\": \"6.2.9200.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.9600.23074\", \"versionStartIncluding\": \"6.3.9600.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.9600.23074\", \"versionStartIncluding\": \"6.3.9600.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.28000.1719\", \"versionStartIncluding\": \"10.0.28000.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2026-04-14T16:36:00.587Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-25187\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-26T17:11:46.910Z\", \"dateReserved\": \"2026-01-29T18:36:49.696Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2026-03-10T17:04:58.796Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0271
Vulnerability from certfr_avis - Published: 2026-03-11 - Updated: 2026-03-11
De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes x64 versions antérieures à 10.0.17763.8511 | ||
| Microsoft | N/A | Windows Admin Center in Azure Portal versions antérieures à 2.6.4 | ||
| Microsoft | N/A | Windows 10 Version 1809 pour systèmes 32 bits versions antérieures à 10.0.17763.8511 | ||
| Microsoft | N/A | Windows Server 2012 R2 (Server Core installation) versions antérieures à 6.3.9600.23074 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes x64 versions antérieures à 10.0.22631.6783 | ||
| Microsoft | N/A | Windows 11 Version 25H2 pour systèmes x64 versions antérieures à 10.0.26200.7979 | ||
| Microsoft | N/A | Windows Server 2012 versions antérieures à 1.000 | ||
| Microsoft | N/A | Windows Server 2012 (Server Core installation) versions antérieures à 6.2.9200.25973 | ||
| Microsoft | N/A | Windows Server 2022, 23H2 Edition (Server Core installation) versions antérieures à 10.0.25398.2207 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes 32 bits versions antérieures à 10.0.19044.7058 | ||
| Microsoft | N/A | Windows Server 2012 (Server Core installation) versions antérieures à 1.000 | ||
| Microsoft | N/A | Windows Server 2012 R2 (Server Core installation) versions antérieures à 1.000 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes ARM64 versions antérieures à 10.0.19045.7058 | ||
| Microsoft | N/A | Windows App Client pour Windows Desktop versions antérieures à 2.0.964 | ||
| Microsoft | N/A | Windows 11 version 26H1 pour systèmes x64 antérieures à 10.0.28000.1719 | ||
| Microsoft | N/A | Windows Server 2025 versions antérieures à 10.0.26100.32463 | ||
| Microsoft | N/A | Windows Server 2012 R2 versions antérieures à 6.3.9600.23074 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes x64 versions antérieures à 10.0.19044.7058 | ||
| Microsoft | N/A | Windows Server 2012 versions antérieures à 6.2.9200.25973 | ||
| Microsoft | N/A | Azure Automation Hybrid Worker Windows Extension versions antérieures à 1.3.74 | ||
| Microsoft | N/A | Windows 11 Version 24H2 pour systèmes ARM64 versions antérieures à 10.0.26100.7979 | ||
| Microsoft | N/A | Windows 11 Version 23H2 pour systèmes ARM64 versions antérieures à 10.0.22631.6783 | ||
| Microsoft | N/A | Windows Server 2016 (Server Core installation) versions antérieures à 10.0.14393.8957 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes x64 versions antérieures à 10.0.14393.8957 | ||
| Microsoft | N/A | Windows 11 Version 26H1 pour systèmes ARM64 versions antérieures à 10.0.28000.1719 | ||
| Microsoft | N/A | Windows Server 2019 (Server Core installation) versions antérieures à 10.0.17763.8511 | ||
| Microsoft | N/A | Windows Server 2022 versions antérieures à 10.0.20348.4830 | ||
| Microsoft | N/A | Windows 10 Version 21H2 pour systèmes ARM64 versions antérieures à 10.0.19044.7058 | ||
| Microsoft | N/A | Windows Server 2022 (Server Core installation) versions antérieures à 10.0.20348.4830 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes x64 versions antérieures à 10.0.19045.7058 | ||
| Microsoft | N/A | Windows 11 Version 25H2 pour systèmes ARM64 versions antérieures à 10.0.26200.7979 | ||
| Microsoft | N/A | Windows Server 2012 R2 versions antérieures à 1.000 | ||
| Microsoft | N/A | Windows 10 Version 1607 pour systèmes 32 bits versions antérieures à 10.0.14393.8957 | ||
| Microsoft | N/A | Windows Server 2019 versions antérieures à 10.0.17763.8511 | ||
| Microsoft | N/A | Windows Server 2016 versions antérieures à 10.0.14393.8957 | ||
| Microsoft | N/A | Windows 11 Version 24H2 pour systèmes x64 versions antérieures à 10.0.26100.7979 | ||
| Microsoft | N/A | Windows Server 2025 (Server Core installation) versions antérieures à 10.0.26100.32463 | ||
| Microsoft | N/A | Windows 10 Version 22H2 pour systèmes 32 bits versions antérieures à 10.0.19045.7058 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.17763.8511",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Admin Center in Azure Portal versions ant\u00e9rieures \u00e0 2.6.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.17763.8511",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 6.3.9600.23074",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.22631.6783",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26200.7979",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 1.000",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 6.2.9200.25973",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022, 23H2 Edition (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.25398.2207",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19044.7058",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 (Server Core installation) versions ant\u00e9rieures \u00e0 1.000",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 (Server Core installation) versions ant\u00e9rieures \u00e0 1.000",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19045.7058",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows App Client pour Windows Desktop versions ant\u00e9rieures \u00e0 2.0.964",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 version 26H1 pour syst\u00e8mes x64 ant\u00e9rieures \u00e0 10.0.28000.1719",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 versions ant\u00e9rieures \u00e0 10.0.26100.32463",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 6.3.9600.23074",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19044.7058",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 versions ant\u00e9rieures \u00e0 6.2.9200.25973",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Azure Automation Hybrid Worker Windows Extension versions ant\u00e9rieures \u00e0 1.3.74",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26100.7979",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 23H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.22631.6783",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.14393.8957",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.14393.8957",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 26H1 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.28000.1719",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.17763.8511",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 versions ant\u00e9rieures \u00e0 10.0.20348.4830",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 21H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.19044.7058",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2022 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.20348.4830",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.19045.7058",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 25H2 pour syst\u00e8mes ARM64 versions ant\u00e9rieures \u00e0 10.0.26200.7979",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2012 R2 versions ant\u00e9rieures \u00e0 1.000",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.14393.8957",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2019 versions ant\u00e9rieures \u00e0 10.0.17763.8511",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2016 versions ant\u00e9rieures \u00e0 10.0.14393.8957",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 11 Version 24H2 pour syst\u00e8mes x64 versions ant\u00e9rieures \u00e0 10.0.26100.7979",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows Server 2025 (Server Core installation) versions ant\u00e9rieures \u00e0 10.0.26100.32463",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Windows 10 Version 22H2 pour syst\u00e8mes 32 bits versions ant\u00e9rieures \u00e0 10.0.19045.7058",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-25176",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25176"
},
{
"name": "CVE-2026-25174",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25174"
},
{
"name": "CVE-2026-23667",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23667"
},
{
"name": "CVE-2026-25171",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25171"
},
{
"name": "CVE-2026-23668",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23668"
},
{
"name": "CVE-2026-25180",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25180"
},
{
"name": "CVE-2026-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26141"
},
{
"name": "CVE-2026-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25186"
},
{
"name": "CVE-2026-25168",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25168"
},
{
"name": "CVE-2026-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25173"
},
{
"name": "CVE-2026-23660",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23660"
},
{
"name": "CVE-2026-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24294"
},
{
"name": "CVE-2026-25175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25175"
},
{
"name": "CVE-2026-25169",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25169"
},
{
"name": "CVE-2026-24297",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24297"
},
{
"name": "CVE-2026-23656",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23656"
},
{
"name": "CVE-2026-25177",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25177"
},
{
"name": "CVE-2026-24292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24292"
},
{
"name": "CVE-2026-26132",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26132"
},
{
"name": "CVE-2026-25179",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25179"
},
{
"name": "CVE-2026-24288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24288"
},
{
"name": "CVE-2026-26127",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26127"
},
{
"name": "CVE-2026-25165",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25165"
},
{
"name": "CVE-2026-23669",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23669"
},
{
"name": "CVE-2026-25178",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25178"
},
{
"name": "CVE-2026-24289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24289"
},
{
"name": "CVE-2026-24287",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24287"
},
{
"name": "CVE-2026-23672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23672"
},
{
"name": "CVE-2026-26128",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26128"
},
{
"name": "CVE-2026-24291",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24291"
},
{
"name": "CVE-2026-23674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23674"
},
{
"name": "CVE-2026-25170",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25170"
},
{
"name": "CVE-2026-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24293"
},
{
"name": "CVE-2026-25181",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25181"
},
{
"name": "CVE-2026-24285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24285"
},
{
"name": "CVE-2026-25187",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25187"
},
{
"name": "CVE-2026-25189",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25189"
},
{
"name": "CVE-2026-24282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24282"
},
{
"name": "CVE-2026-25188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25188"
},
{
"name": "CVE-2026-25166",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25166"
},
{
"name": "CVE-2026-24290",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24290"
},
{
"name": "CVE-2026-24295",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24295"
},
{
"name": "CVE-2026-26111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26111"
},
{
"name": "CVE-2026-25190",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25190"
},
{
"name": "CVE-2026-24296",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24296"
},
{
"name": "CVE-2026-25185",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25185"
},
{
"name": "CVE-2026-23673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23673"
},
{
"name": "CVE-2026-23671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23671"
},
{
"name": "CVE-2026-25172",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25172"
},
{
"name": "CVE-2026-25167",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25167"
},
{
"name": "CVE-2026-24283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24283"
}
],
"initial_release_date": "2026-03-11T00:00:00",
"last_revision_date": "2026-03-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0271",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Windows. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
"vendor_advisories": [
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24283",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24283"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24288",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24288"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25166",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25166"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23660",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23660"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24293",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24293"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23671",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23671"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25177",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25177"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25186",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25186"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-26132",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26132"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25190",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25190"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25185",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25185"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25172",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25172"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23667",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23667"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24287",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24287"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23674",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23674"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-26127",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23669",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23669"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25170",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25170"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25174",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25174"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25181",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25181"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-26128",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26128"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23668",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23668"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25176",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25176"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24294",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24294"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24292",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24292"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24291",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24291"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25168",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25168"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25175",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25175"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25167",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25167"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-26111",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26111"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25179",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25179"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23656",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23656"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25171",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25171"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25169",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25169"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24297",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24297"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24295",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24295"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-26141",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26141"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23672",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23672"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25178",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25178"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25189",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25189"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24285",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24285"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24290",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24290"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25187",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24296",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24296"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25188",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25188"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24282",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24282"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-24289",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24289"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25173",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25173"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-23673",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23673"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25180",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25180"
},
{
"published_at": "2026-03-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Windows CVE-2026-25165",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25165"
}
]
}
FKIE_CVE-2026-25187
Vulnerability from fkie_nvd - Published: 2026-03-10 18:18 - Updated: 2026-06-17 10:24
Severity
Summary
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vicarius.io/vsociety/posts/cve-2026-25187-detection-script-winlogon-elevation-of-privilege-vulnerability | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vicarius.io/vsociety/posts/cve-2026-25187-mitigation-script-winlogon-elevation-of-privilege-vulnerability |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_10_1607 | * | |
| microsoft | windows_10_1607 | * | |
| microsoft | windows_10_1809 | * | |
| microsoft | windows_10_1809 | * | |
| microsoft | windows_10_21h2 | * | |
| microsoft | windows_10_21h2 | * | |
| microsoft | windows_10_21h2 | * | |
| microsoft | windows_10_22h2 | * | |
| microsoft | windows_10_22h2 | * | |
| microsoft | windows_10_22h2 | * | |
| microsoft | windows_11_23h2 | * | |
| microsoft | windows_11_23h2 | * | |
| microsoft | windows_11_24h2 | * | |
| microsoft | windows_11_24h2 | * | |
| microsoft | windows_11_25h2 | * | |
| microsoft | windows_11_25h2 | * | |
| microsoft | windows_11_26h1 | * | |
| microsoft | windows_11_26h1 | * | |
| microsoft | windows_server_2012 | - | |
| microsoft | windows_server_2012 | r2 | |
| microsoft | windows_server_2016 | * | |
| microsoft | windows_server_2019 | * | |
| microsoft | windows_server_2022 | * | |
| microsoft | windows_server_2022_23h2 | * | |
| microsoft | windows_server_2025 | * |
{
"affected": [
{
"affectedData": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1607",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.8957",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8511",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.7058",
"status": "affected",
"version": "10.0.19044.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.7058",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 11 version 22H3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.6783",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 11 Version 23H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.6783",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 24H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.8037",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 25H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26200.8037",
"status": "affected",
"version": "10.0.26200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 26H1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.28000.1719",
"status": "affected",
"version": "10.0.28000.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25973",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.2.9200.25973",
"status": "affected",
"version": "6.2.9200.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.23074",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2012 R2 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.3.9600.23074",
"status": "affected",
"version": "6.3.9600.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.8957",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2016 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.8957",
"status": "affected",
"version": "10.0.14393.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8511",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.8511",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.4893",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.2207",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.32522",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.32522",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
}
],
"source": "secure@microsoft.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "5AA53525-2EE3-4815-9EEB-49572C16AFC1",
"versionEndExcluding": "10.0.14393.8957",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "CB112C3D-A9C8-41A3-A3DD-ACB42387D087",
"versionEndExcluding": "10.0.14393.8957",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "B2DCF6CD-BA92-4DB2-855E-DE8158AC6B57",
"versionEndExcluding": "10.0.17763.8511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "40D953EB-E3B1-471A-8400-957984A092EB",
"versionEndExcluding": "10.0.17763.8511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "35CA4CA1-5EDE-4612-9C17-9AA167F773B9",
"versionEndExcluding": "10.0.19044.7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "C18770C8-2B7F-4212-8A4F-1101ABFF4C44",
"versionEndExcluding": "10.0.19044.7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "DD070C42-5A71-4D20-B9BA-766565DFC99B",
"versionEndExcluding": "10.0.19044.7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "17DCF9E0-A09A-48A3-B281-D22EE76B8062",
"versionEndExcluding": "10.0.19045.7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "51FF473A-566D-45FB-868D-03F3907E094A",
"versionEndExcluding": "10.0.19045.7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "5FC02001-58B6-4EE4-9552-003F2412ED0C",
"versionEndExcluding": "10.0.19045.7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "E8B076BC-42F9-4972-BE73-3874E694CD3A",
"versionEndExcluding": "10.0.22631.6783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "6E98A971-B530-4289-B7B2-8403BD2DAD07",
"versionEndExcluding": "10.0.22631.6783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "3381C469-C150-4724-8A53-E11794797D9F",
"versionEndExcluding": "10.0.26100.7979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "6F1A77F2-59BC-4F92-81A0-2A4E8981FEFB",
"versionEndExcluding": "10.0.26100.7979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "58F3AA3B-9960-48F9-B013-8CF6BA09893C",
"versionEndExcluding": "10.0.26200.7979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "F113DAFC-91E5-42C1-A2C3-B9C9286D240B",
"versionEndExcluding": "10.0.26200.7979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "30606CC6-21D2-4EAC-B568-DABA2786EC61",
"versionEndExcluding": "10.0.28000.1719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "62E818F7-1053-4CD2-9CCE-EF84D3FA7861",
"versionEndExcluding": "10.0.28000.1719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E31E4CDC-138B-41CF-927A-0528A6F605FB",
"versionEndExcluding": "10.0.14393.8957",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA555D5-4452-4CD0-AB68-BA175C34EC3A",
"versionEndExcluding": "10.0.17763.8511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C037CFF5-1294-4724-A28C-42B72A7F0B2E",
"versionEndExcluding": "10.0.20348.4830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3C9232-BEAB-4D6B-B465-4C4643098054",
"versionEndExcluding": "10.0.25398.2207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "04014C9F-24B4-4A7A-B2E1-B80EFB7F6D4E",
"versionEndExcluding": "10.0.26100.32463",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper link resolution before file access (\u0027link following\u0027) in Winlogon allows an authorized attacker to elevate privileges locally."
},
{
"lang": "es",
"value": "Resoluci\u00f3n de enlaces incorrecta antes del acceso a archivos (\u0027seguimiento de enlaces\u0027) en Winlogon permite a un atacante autorizado elevar privilegios localmente."
}
],
"id": "CVE-2026-25187",
"lastModified": "2026-06-17T10:24:16.327",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-25187",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-05T00:00:00+00:00",
"version": "2.0.3"
}
}
]
},
"published": "2026-03-10T18:18:35.413",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.vicarius.io/vsociety/posts/cve-2026-25187-detection-script-winlogon-elevation-of-privilege-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.vicarius.io/vsociety/posts/cve-2026-25187-mitigation-script-winlogon-elevation-of-privilege-vulnerability"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
}
GHSA-529J-28J3-4465
Vulnerability from github – Published: 2026-03-10 18:31 – Updated: 2026-05-26 18:31
VLAI
Details
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2026-25187"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-10T18:18:35Z",
"severity": "HIGH"
},
"details": "Improper link resolution before file access (\u0027link following\u0027) in Winlogon allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-529j-28j3-4465",
"modified": "2026-05-26T18:31:36Z",
"published": "2026-03-10T18:31:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25187"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/cve-2026-25187-detection-script-winlogon-elevation-of-privilege-vulnerability"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/cve-2026-25187-mitigation-script-winlogon-elevation-of-privilege-vulnerability"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
JVNDB-2026-016976
Vulnerability from jvndb - Published: 2026-05-25 11:39 - Updated:2026-05-25 11:39Summary
Security information for Hitachi Disk Array Systems
Details
CVE-2026-23667 | Broadcast DVR Elevation of Privilege Vulnerability
CVE-2026-23668 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2026-23669 | Windows Print Spooler Remote Code Execution Vulnerability
CVE-2026-23671 | Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability
CVE-2026-23672 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-23673 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2026-23674 | MapUrlToZone Security Feature Bypass Vulnerability
CVE-2026-24282 | Push message Routing Service Elevation of Privilege Vulnerability
CVE-2026-24285 | Win32k Elevation of Privilege Vulnerability
CVE-2026-24287 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-24288 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2026-24289 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-24290 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-24291 | Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability
CVE-2026-24292 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2026-24293 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-24294 | Windows SMB Server Elevation of Privilege Vulnerability
CVE-2026-24295 | Windows Device Association Service Elevation of Privilege Vulnerability
CVE-2026-24296 | Windows Device Association Service Elevation of Privilege Vulnerability
CVE-2026-24297 | Windows Kerberos Security Feature Bypass Vulnerability
CVE-2026-25165 | Performance Counters for Windows Elevation of Privilege Vulnerability
CVE-2026-25166 | Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability
CVE-2026-25168 | Windows Graphics Component Denial of Service Vulnerability
CVE-2026-25169 | Windows Graphics Component Denial of Service Vulnerability
CVE-2026-25171 | Windows Authentication Elevation of Privilege Vulnerability
CVE-2026-25173 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2026-25174 | Windows Extensible File Allocation Table Elevation of Privilege Vulnerability
CVE-2026-25175 | Windows NTFS Elevation of Privilege Vulnerability
CVE-2026-25176 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-25177 | Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2026-25178 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-25179 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-25180 | Windows Graphics Component Information Disclosure Vulnerability
CVE-2026-25181 | GDI+ Information Disclosure Vulnerability
CVE-2026-25185 | Windows Shell Link Processing Spoofing Vulnerability
CVE-2026-25186 | Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability
CVE-2026-25187 | Winlogon Elevation of Privilege Vulnerability
CVE-2026-25188 | Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-25189 | Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2026-25190 | GDI Remote Code Execution Vulnerability
CVE-2026-26128 | Windows SMB Server Elevation of Privilege Vulnerability
CVE-2026-26132 | Windows Kernel Elevation of Privilege Vulnerability
References
| Type | URL | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-016976.html",
"dc:date": "2026-05-25T11:39+09:00",
"dcterms:issued": "2026-05-25T11:39+09:00",
"dcterms:modified": "2026-05-25T11:39+09:00",
"description": "CVE-2026-23667 | Broadcast DVR Elevation of Privilege Vulnerability\r\nCVE-2026-23668 | Windows Graphics Component Elevation of Privilege Vulnerability\r\nCVE-2026-23669 | Windows Print Spooler Remote Code Execution Vulnerability\r\nCVE-2026-23671 | Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability\r\nCVE-2026-23672 | Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability\r\nCVE-2026-23673 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability\r\nCVE-2026-23674 | MapUrlToZone Security Feature Bypass Vulnerability\r\nCVE-2026-24282 | Push message Routing Service Elevation of Privilege Vulnerability\r\nCVE-2026-24285 | Win32k Elevation of Privilege Vulnerability\r\nCVE-2026-24287 | Windows Kernel Elevation of Privilege Vulnerability\r\nCVE-2026-24288 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability\r\nCVE-2026-24289 | Windows Kernel Elevation of Privilege Vulnerability\r\nCVE-2026-24290 | Windows Projected File System Elevation of Privilege Vulnerability\r\nCVE-2026-24291 | Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability\r\nCVE-2026-24292 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability\r\nCVE-2026-24293 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability\r\nCVE-2026-24294 | Windows SMB Server Elevation of Privilege Vulnerability\r\nCVE-2026-24295 | Windows Device Association Service Elevation of Privilege Vulnerability\r\nCVE-2026-24296 | Windows Device Association Service Elevation of Privilege Vulnerability\r\nCVE-2026-24297 | Windows Kerberos Security Feature Bypass Vulnerability\r\nCVE-2026-25165 | Performance Counters for Windows Elevation of Privilege Vulnerability\r\nCVE-2026-25166 | Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability\r\nCVE-2026-25168 | Windows Graphics Component Denial of Service Vulnerability\r\nCVE-2026-25169 | Windows Graphics Component Denial of Service Vulnerability\r\nCVE-2026-25171 | Windows Authentication Elevation of Privilege Vulnerability\r\nCVE-2026-25173 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability\r\nCVE-2026-25174 | Windows Extensible File Allocation Table Elevation of Privilege Vulnerability\r\nCVE-2026-25175 | Windows NTFS Elevation of Privilege Vulnerability\r\nCVE-2026-25176 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability\r\nCVE-2026-25177 | Active Directory Domain Services Elevation of Privilege Vulnerability\r\nCVE-2026-25178 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability\r\nCVE-2026-25179 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability\r\nCVE-2026-25180 | Windows Graphics Component Information Disclosure Vulnerability\r\nCVE-2026-25181 | GDI+ Information Disclosure Vulnerability\r\nCVE-2026-25185 | Windows Shell Link Processing Spoofing Vulnerability\r\nCVE-2026-25186 | Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability\r\nCVE-2026-25187 | Winlogon Elevation of Privilege Vulnerability\r\nCVE-2026-25188 | Windows Telephony Service Elevation of Privilege Vulnerability\r\nCVE-2026-25189 | Windows DWM Core Library Elevation of Privilege Vulnerability\r\nCVE-2026-25190 | GDI Remote Code Execution Vulnerability\r\nCVE-2026-26128 | Windows SMB Server Elevation of Privilege Vulnerability\r\nCVE-2026-26132 | Windows Kernel Elevation of Privilege Vulnerability",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-016976.html",
"sec:cpe": {
"#text": "cpe:/h:hitachi:virtual_storage_platform",
"@product": "Hitachi Virtual Storage Platform",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
"sec:identifier": "JVNDB-2026-016976",
"sec:references": [
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-23667",
"@id": "CVE-2026-23667",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-23668",
"@id": "CVE-2026-23668",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-23669",
"@id": "CVE-2026-23669",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-23671",
"@id": "CVE-2026-23671",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-23672",
"@id": "CVE-2026-23672",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-23673",
"@id": "CVE-2026-23673",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-23674",
"@id": "CVE-2026-23674",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24282",
"@id": "CVE-2026-24282",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24285",
"@id": "CVE-2026-24285",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24287",
"@id": "CVE-2026-24287",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24288",
"@id": "CVE-2026-24288",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24289",
"@id": "CVE-2026-24289",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24290",
"@id": "CVE-2026-24290",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24291",
"@id": "CVE-2026-24291",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24292",
"@id": "CVE-2026-24292",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24293",
"@id": "CVE-2026-24293",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24294",
"@id": "CVE-2026-24294",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24295",
"@id": "CVE-2026-24295",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24296",
"@id": "CVE-2026-24296",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-24297",
"@id": "CVE-2026-24297",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25165",
"@id": "CVE-2026-25165",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25166",
"@id": "CVE-2026-25166",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25168",
"@id": "CVE-2026-25168",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25169",
"@id": "CVE-2026-25169",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25171",
"@id": "CVE-2026-25171",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25173",
"@id": "CVE-2026-25173",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25174",
"@id": "CVE-2026-25174",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25175",
"@id": "CVE-2026-25175",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25176",
"@id": "CVE-2026-25176",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25177",
"@id": "CVE-2026-25177",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25178",
"@id": "CVE-2026-25178",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25179",
"@id": "CVE-2026-25179",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25180",
"@id": "CVE-2026-25180",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25181",
"@id": "CVE-2026-25181",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25185",
"@id": "CVE-2026-25185",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25186",
"@id": "CVE-2026-25186",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25187",
"@id": "CVE-2026-25187",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25188",
"@id": "CVE-2026-25188",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25189",
"@id": "CVE-2026-25189",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-25190",
"@id": "CVE-2026-25190",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-26128",
"@id": "CVE-2026-26128",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-26132",
"@id": "CVE-2026-26132",
"@source": "CVE"
}
],
"title": "Security information for Hitachi Disk Array Systems"
}
MSRC_CVE-2026-25187
Vulnerability from csaf_microsoft - Published: 2026-03-10 07:00 - Updated: 2026-03-10 07:00Summary
Winlogon Elevation of Privilege Vulnerability
Severity
Important
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.
CWE-59
- Improper Link Resolution Before File Access ('Link Following')
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Windows Server 2012 6.2.9200.25973
Windows Server 2012
|
6.2.9200.25973 | ||
|
Windows Server 2012 (Server Core installation) 6.2.9200.25973
Windows Server 2012 (Server Core installation)
|
6.2.9200.25973 | ||
|
Windows Server 2012 R2 6.3.9600.23074
Windows Server 2012 R2
|
6.3.9600.23074 | ||
|
Windows Server 2012 R2 (Server Core installation) 6.3.9600.23074
Windows Server 2012 R2 (Server Core installation)
|
6.3.9600.23074 | ||
|
Windows Server 2016 10.0.14393.8957
Windows Server 2016
|
10.0.14393.8957 | ||
|
Windows 10 Version 1607 for 32-bit Systems 10.0.14393.8957
Windows 10 Version 1607 for 32-bit Systems
|
10.0.14393.8957 | ||
|
Windows 10 Version 1607 for x64-based Systems 10.0.14393.8957
Windows 10 Version 1607 for x64-based Systems
|
10.0.14393.8957 | ||
|
Windows Server 2016 (Server Core installation) 10.0.14393.8957
Windows Server 2016 (Server Core installation)
|
10.0.14393.8957 | ||
|
Windows 10 Version 1809 for 32-bit Systems 10.0.17763.8511
Windows 10 Version 1809 for 32-bit Systems
|
10.0.17763.8511 | ||
|
Windows 10 Version 1809 for x64-based Systems 10.0.17763.8511
Windows 10 Version 1809 for x64-based Systems
|
10.0.17763.8511 | ||
|
Windows Server 2019 10.0.17763.8511
Windows Server 2019
|
10.0.17763.8511 | ||
|
Windows Server 2019 (Server Core installation) 10.0.17763.8511
Windows Server 2019 (Server Core installation)
|
10.0.17763.8511 | ||
|
Windows Server 2022 10.0.20348.4893
Windows Server 2022
|
10.0.20348.4893 | ||
|
Windows Server 2022 (Server Core installation) 10.0.20348.4893
Windows Server 2022 (Server Core installation)
|
10.0.20348.4893 | ||
|
Windows 10 Version 21H2 for 32-bit Systems 10.0.19044.7058
Windows 10 Version 21H2 for 32-bit Systems
|
10.0.19044.7058 | ||
|
Windows 10 Version 21H2 for ARM64-based Systems 10.0.19044.7058
Windows 10 Version 21H2 for ARM64-based Systems
|
10.0.19044.7058 | ||
|
Windows 10 Version 21H2 for x64-based Systems 10.0.19044.7058
Windows 10 Version 21H2 for x64-based Systems
|
10.0.19044.7058 | ||
|
Windows 10 Version 22H2 for x64-based Systems 10.0.19045.7058
Windows 10 Version 22H2 for x64-based Systems
|
10.0.19045.7058 | ||
|
Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.7058
Windows 10 Version 22H2 for ARM64-based Systems
|
10.0.19045.7058 | ||
|
Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.7058
Windows 10 Version 22H2 for 32-bit Systems
|
10.0.19045.7058 | ||
|
Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.6783
Windows 11 Version 23H2 for ARM64-based Systems
|
10.0.22631.6783 | ||
|
Windows 11 Version 23H2 for x64-based Systems 10.0.22631.6783
Windows 11 Version 23H2 for x64-based Systems
|
10.0.22631.6783 | ||
|
Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.2207
Windows Server 2022, 23H2 Edition (Server Core installation)
|
10.0.25398.2207 | ||
|
Windows 11 Version 24H2 for ARM64-based Systems 10.0.26100.8037
Windows 11 Version 24H2 for ARM64-based Systems
|
10.0.26100.8037 | ||
|
Windows 11 Version 24H2 for x64-based Systems 10.0.26100.8037
Windows 11 Version 24H2 for x64-based Systems
|
10.0.26100.8037 | ||
|
Windows Server 2025 10.0.26100.32522
Windows Server 2025
|
10.0.26100.32522 | ||
|
Windows Server 2025 (Server Core installation) 10.0.26100.32522
Windows Server 2025 (Server Core installation)
|
10.0.26100.32522 | ||
|
Windows 11 Version 25H2 for ARM64-based Systems 10.0.26200.8037
Windows 11 Version 25H2 for ARM64-based Systems
|
10.0.26200.8037 | ||
|
Windows 11 Version 25H2 for x64-based Systems 10.0.26200.8037
Windows 11 Version 25H2 for x64-based Systems
|
10.0.26200.8037 | ||
|
Windows 11 version 26H1 for x64-based Systems 10.0.28000.1719
Windows 11 version 26H1 for x64-based Systems
|
10.0.28000.1719 | ||
|
Windows 11 Version 26H1 for ARM64-based Systems 10.0.28000.1719
Windows 11 Version 26H1 for ARM64-based Systems
|
10.0.28000.1719 |
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Windows 11 Version 26H1 for ARM64-based Systems <10.0.28000.1719
Windows 11 Version 26H1 for ARM64-based Systems
|
<10.0.28000.1719 |
Vendor Fix
fix
|
|
|
Windows 11 version 26H1 for x64-based Systems <10.0.28000.1719
Windows 11 version 26H1 for x64-based Systems
|
<10.0.28000.1719 |
Vendor Fix
fix
|
|
|
Windows 11 Version 25H2 for x64-based Systems <10.0.26200.8037
Windows 11 Version 25H2 for x64-based Systems
|
<10.0.26200.8037 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows 11 Version 25H2 for ARM64-based Systems <10.0.26200.8037
Windows 11 Version 25H2 for ARM64-based Systems
|
<10.0.26200.8037 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2025 (Server Core installation) <10.0.26100.32522
Windows Server 2025 (Server Core installation)
|
<10.0.26100.32522 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2025 <10.0.26100.32522
Windows Server 2025
|
<10.0.26100.32522 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows 11 Version 24H2 for x64-based Systems <10.0.26100.8037
Windows 11 Version 24H2 for x64-based Systems
|
<10.0.26100.8037 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows 11 Version 24H2 for ARM64-based Systems <10.0.26100.8037
Windows 11 Version 24H2 for ARM64-based Systems
|
<10.0.26100.8037 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2022, 23H2 Edition (Server Core installation) <10.0.25398.2207
Windows Server 2022, 23H2 Edition (Server Core installation)
|
<10.0.25398.2207 |
Vendor Fix
fix
|
|
|
Windows 11 Version 23H2 for x64-based Systems <10.0.22631.6783
Windows 11 Version 23H2 for x64-based Systems
|
<10.0.22631.6783 |
Vendor Fix
fix
|
|
|
Windows 11 Version 23H2 for ARM64-based Systems <10.0.22631.6783
Windows 11 Version 23H2 for ARM64-based Systems
|
<10.0.22631.6783 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for 32-bit Systems <10.0.19045.7058
Windows 10 Version 22H2 for 32-bit Systems
|
<10.0.19045.7058 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for ARM64-based Systems <10.0.19045.7058
Windows 10 Version 22H2 for ARM64-based Systems
|
<10.0.19045.7058 |
Vendor Fix
fix
|
|
|
Windows 10 Version 22H2 for x64-based Systems <10.0.19045.7058
Windows 10 Version 22H2 for x64-based Systems
|
<10.0.19045.7058 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for x64-based Systems <10.0.19044.7058
Windows 10 Version 21H2 for x64-based Systems
|
<10.0.19044.7058 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for ARM64-based Systems <10.0.19044.7058
Windows 10 Version 21H2 for ARM64-based Systems
|
<10.0.19044.7058 |
Vendor Fix
fix
|
|
|
Windows 10 Version 21H2 for 32-bit Systems <10.0.19044.7058
Windows 10 Version 21H2 for 32-bit Systems
|
<10.0.19044.7058 |
Vendor Fix
fix
|
|
|
Windows Server 2022 (Server Core installation) <10.0.20348.4893
Windows Server 2022 (Server Core installation)
|
<10.0.20348.4893 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2022 <10.0.20348.4893
Windows Server 2022
|
<10.0.20348.4893 |
Vendor Fix
fix
Vendor Fix
fix
|
|
|
Windows Server 2019 (Server Core installation) <10.0.17763.8511
Windows Server 2019 (Server Core installation)
|
<10.0.17763.8511 |
Vendor Fix
fix
|
|
|
Windows Server 2019 <10.0.17763.8511
Windows Server 2019
|
<10.0.17763.8511 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1809 for x64-based Systems <10.0.17763.8511
Windows 10 Version 1809 for x64-based Systems
|
<10.0.17763.8511 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1809 for 32-bit Systems <10.0.17763.8511
Windows 10 Version 1809 for 32-bit Systems
|
<10.0.17763.8511 |
Vendor Fix
fix
|
|
|
Windows Server 2016 (Server Core installation) <10.0.14393.8957
Windows Server 2016 (Server Core installation)
|
<10.0.14393.8957 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1607 for x64-based Systems <10.0.14393.8957
Windows 10 Version 1607 for x64-based Systems
|
<10.0.14393.8957 |
Vendor Fix
fix
|
|
|
Windows 10 Version 1607 for 32-bit Systems <10.0.14393.8957
Windows 10 Version 1607 for 32-bit Systems
|
<10.0.14393.8957 |
Vendor Fix
fix
|
|
|
Windows Server 2016 <10.0.14393.8957
Windows Server 2016
|
<10.0.14393.8957 |
Vendor Fix
fix
|
|
|
Windows Server 2012 R2 (Server Core installation) <6.3.9600.23074
Windows Server 2012 R2 (Server Core installation)
|
<6.3.9600.23074 |
Vendor Fix
fix
|
|
|
Windows Server 2012 R2 <6.3.9600.23074
Windows Server 2012 R2
|
<6.3.9600.23074 |
Vendor Fix
fix
|
|
|
Windows Server 2012 (Server Core installation) <6.2.9200.25973
Windows Server 2012 (Server Core installation)
|
<6.2.9200.25973 |
Vendor Fix
fix
|
|
|
Windows Server 2012 <6.2.9200.25973
Windows Server 2012
|
<6.2.9200.25973 |
Vendor Fix
fix
|
Threats
Impact
Elevation of Privilege
Exploit Status
Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely
References
7 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | self |
| https://msrc.microsoft.com/csaf/advisories/2026/m… | self |
| https://www.microsoft.com/en-us/msrc/exploitabili… | external |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/update-guide/vulnerabi… | self |
| https://msrc.microsoft.com/csaf/advisories/2026/m… | self |
Acknowledgments
James Forshaw with Google Project Zero
{
"document": {
"acknowledgments": [
{
"names": [
"James Forshaw with Google Project Zero"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25187 Winlogon Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187"
},
{
"category": "self",
"summary": "CVE-2026-25187 Winlogon Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-25187.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Winlogon Elevation of Privilege Vulnerability",
"tracking": {
"current_release_date": "2026-03-10T07:00:00.000Z",
"generator": {
"date": "2026-03-10T17:04:32.266Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-25187",
"initial_release_date": "2026-03-10T07:00:00.000Z",
"revision_history": [
{
"date": "2026-03-10T07:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.8511",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems \u003c10.0.17763.8511",
"product_id": "23"
}
},
{
"category": "product_version",
"name": "10.0.17763.8511",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems 10.0.17763.8511",
"product_id": "11568"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.8511",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems \u003c10.0.17763.8511",
"product_id": "22"
}
},
{
"category": "product_version",
"name": "10.0.17763.8511",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems 10.0.17763.8511",
"product_id": "11569"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.8511",
"product": {
"name": "Windows Server 2019 \u003c10.0.17763.8511",
"product_id": "21"
}
},
{
"category": "product_version",
"name": "10.0.17763.8511",
"product": {
"name": "Windows Server 2019 10.0.17763.8511",
"product_id": "11571"
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.8511",
"product": {
"name": "Windows Server 2019 (Server Core installation) \u003c10.0.17763.8511",
"product_id": "20"
}
},
{
"category": "product_version",
"name": "10.0.17763.8511",
"product": {
"name": "Windows Server 2019 (Server Core installation) 10.0.17763.8511",
"product_id": "11572"
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.4893",
"product": {
"name": "Windows Server 2022 \u003c10.0.20348.4893",
"product_id": "19"
}
},
{
"category": "product_version",
"name": "10.0.20348.4893",
"product": {
"name": "Windows Server 2022 10.0.20348.4893",
"product_id": "11923"
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.4893",
"product": {
"name": "Windows Server 2022 (Server Core installation) \u003c10.0.20348.4893",
"product_id": "18"
}
},
{
"category": "product_version",
"name": "10.0.20348.4893",
"product": {
"name": "Windows Server 2022 (Server Core installation) 10.0.20348.4893",
"product_id": "11924"
}
}
],
"category": "product_name",
"name": "Windows Server 2022 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.7058",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems \u003c10.0.19044.7058",
"product_id": "17"
}
},
{
"category": "product_version",
"name": "10.0.19044.7058",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems 10.0.19044.7058",
"product_id": "11929"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.7058",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems \u003c10.0.19044.7058",
"product_id": "16"
}
},
{
"category": "product_version",
"name": "10.0.19044.7058",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems 10.0.19044.7058",
"product_id": "11930"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.7058",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems \u003c10.0.19044.7058",
"product_id": "15"
}
},
{
"category": "product_version",
"name": "10.0.19044.7058",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems 10.0.19044.7058",
"product_id": "11931"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.7058",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems \u003c10.0.19045.7058",
"product_id": "14"
}
},
{
"category": "product_version",
"name": "10.0.19045.7058",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems 10.0.19045.7058",
"product_id": "12097"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.7058",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems \u003c10.0.19045.7058",
"product_id": "13"
}
},
{
"category": "product_version",
"name": "10.0.19045.7058",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.7058",
"product_id": "12098"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.7058",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems \u003c10.0.19045.7058",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "10.0.19045.7058",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.7058",
"product_id": "12099"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.32522",
"product": {
"name": "Windows Server 2025 (Server Core installation) \u003c10.0.26100.32522",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "10.0.26100.32522",
"product": {
"name": "Windows Server 2025 (Server Core installation) 10.0.26100.32522",
"product_id": "12437"
}
}
],
"category": "product_name",
"name": "Windows Server 2025 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26200.8037",
"product": {
"name": "Windows 11 Version 25H2 for ARM64-based Systems \u003c10.0.26200.8037",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "10.0.26200.8037",
"product": {
"name": "Windows 11 Version 25H2 for ARM64-based Systems 10.0.26200.8037",
"product_id": "20437"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26200.8037",
"product": {
"name": "Windows 11 Version 25H2 for x64-based Systems \u003c10.0.26200.8037",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "10.0.26200.8037",
"product": {
"name": "Windows 11 Version 25H2 for x64-based Systems 10.0.26200.8037",
"product_id": "20438"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.6783",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems \u003c10.0.22631.6783",
"product_id": "11"
}
},
{
"category": "product_version",
"name": "10.0.22631.6783",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.6783",
"product_id": "12242"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.6783",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems \u003c10.0.22631.6783",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "10.0.22631.6783",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems 10.0.22631.6783",
"product_id": "12243"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.25398.2207",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) \u003c10.0.25398.2207",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "10.0.25398.2207",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.2207",
"product_id": "12244"
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.8037",
"product": {
"name": "Windows 11 Version 24H2 for ARM64-based Systems \u003c10.0.26100.8037",
"product_id": "8"
}
},
{
"category": "product_version",
"name": "10.0.26100.8037",
"product": {
"name": "Windows 11 Version 24H2 for ARM64-based Systems 10.0.26100.8037",
"product_id": "12389"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.8037",
"product": {
"name": "Windows 11 Version 24H2 for x64-based Systems \u003c10.0.26100.8037",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "10.0.26100.8037",
"product": {
"name": "Windows 11 Version 24H2 for x64-based Systems 10.0.26100.8037",
"product_id": "12390"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.32522",
"product": {
"name": "Windows Server 2025 \u003c10.0.26100.32522",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "10.0.26100.32522",
"product": {
"name": "Windows Server 2025 10.0.26100.32522",
"product_id": "12436"
}
}
],
"category": "product_name",
"name": "Windows Server 2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.8957",
"product": {
"name": "Windows 10 Version 1607 for 32-bit Systems \u003c10.0.14393.8957",
"product_id": "26"
}
},
{
"category": "product_version",
"name": "10.0.14393.8957",
"product": {
"name": "Windows 10 Version 1607 for 32-bit Systems 10.0.14393.8957",
"product_id": "10852"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.8957",
"product": {
"name": "Windows 10 Version 1607 for x64-based Systems \u003c10.0.14393.8957",
"product_id": "25"
}
},
{
"category": "product_version",
"name": "10.0.14393.8957",
"product": {
"name": "Windows 10 Version 1607 for x64-based Systems 10.0.14393.8957",
"product_id": "10853"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.8957",
"product": {
"name": "Windows Server 2016 \u003c10.0.14393.8957",
"product_id": "27"
}
},
{
"category": "product_version",
"name": "10.0.14393.8957",
"product": {
"name": "Windows Server 2016 10.0.14393.8957",
"product_id": "10816"
}
}
],
"category": "product_name",
"name": "Windows Server 2016"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.14393.8957",
"product": {
"name": "Windows Server 2016 (Server Core installation) \u003c10.0.14393.8957",
"product_id": "24"
}
},
{
"category": "product_version",
"name": "10.0.14393.8957",
"product": {
"name": "Windows Server 2016 (Server Core installation) 10.0.14393.8957",
"product_id": "10855"
}
}
],
"category": "product_name",
"name": "Windows Server 2016 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.9200.25973",
"product": {
"name": "Windows Server 2012 \u003c6.2.9200.25973",
"product_id": "31"
}
},
{
"category": "product_version",
"name": "6.2.9200.25973",
"product": {
"name": "Windows Server 2012 6.2.9200.25973",
"product_id": "10378"
}
}
],
"category": "product_name",
"name": "Windows Server 2012"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.9200.25973",
"product": {
"name": "Windows Server 2012 (Server Core installation) \u003c6.2.9200.25973",
"product_id": "30"
}
},
{
"category": "product_version",
"name": "6.2.9200.25973",
"product": {
"name": "Windows Server 2012 (Server Core installation) 6.2.9200.25973",
"product_id": "10379"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.3.9600.23074",
"product": {
"name": "Windows Server 2012 R2 \u003c6.3.9600.23074",
"product_id": "29"
}
},
{
"category": "product_version",
"name": "6.3.9600.23074",
"product": {
"name": "Windows Server 2012 R2 6.3.9600.23074",
"product_id": "10483"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.3.9600.23074",
"product": {
"name": "Windows Server 2012 R2 (Server Core installation) \u003c6.3.9600.23074",
"product_id": "28"
}
},
{
"category": "product_version",
"name": "6.3.9600.23074",
"product": {
"name": "Windows Server 2012 R2 (Server Core installation) 6.3.9600.23074",
"product_id": "10543"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.28000.1719",
"product": {
"name": "Windows 11 Version 26H1 for ARM64-based Systems \u003c10.0.28000.1719",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "10.0.28000.1719",
"product": {
"name": "Windows 11 Version 26H1 for ARM64-based Systems 10.0.28000.1719",
"product_id": "20854"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 26H1 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.28000.1719",
"product": {
"name": "Windows 11 version 26H1 for x64-based Systems \u003c10.0.28000.1719",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "10.0.28000.1719",
"product": {
"name": "Windows 11 version 26H1 for x64-based Systems 10.0.28000.1719",
"product_id": "20853"
}
}
],
"category": "product_name",
"name": "Windows 11 version 26H1 for x64-based Systems"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25187",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.",
"title": "What privileges could be gained by an attacker who successfully exploited this vulnerability?"
}
],
"product_status": {
"fixed": [
"10378",
"10379",
"10483",
"10543",
"10816",
"10852",
"10853",
"10855",
"11568",
"11569",
"11571",
"11572",
"11923",
"11924",
"11929",
"11930",
"11931",
"12097",
"12098",
"12099",
"12242",
"12243",
"12244",
"12389",
"12390",
"12436",
"12437",
"20437",
"20438",
"20853",
"20854"
],
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25187 Winlogon Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25187"
},
{
"category": "self",
"summary": "CVE-2026-25187 Winlogon Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-25187.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.17763.8511:Security Update:https://support.microsoft.com/help/5078752",
"product_ids": [
"23",
"22",
"21",
"20"
],
"url": "https://support.microsoft.com/help/5078752"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.20348.4893:Security Update:https://support.microsoft.com/help/5078766",
"product_ids": [
"19",
"18"
],
"url": "https://support.microsoft.com/help/5078766"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.20348.4830:Security Hotpatch Update:https://support.microsoft.com/help/5078737",
"product_ids": [
"19",
"18"
],
"url": "https://support.microsoft.com/help/5078737"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.19044.7058:Security Update:https://support.microsoft.com/help/5078885",
"product_ids": [
"17",
"16",
"15"
],
"url": "https://support.microsoft.com/help/5078885"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.19045.7058:Security Update:https://support.microsoft.com/help/5078885",
"product_ids": [
"14",
"13",
"12"
],
"url": "https://support.microsoft.com/help/5078885"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.26100.32522:Security Update:https://support.microsoft.com/help/5078740",
"product_ids": [
"5",
"6"
],
"url": "https://support.microsoft.com/help/5078740"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.26100.32463:Security Hotpatch Update:https://support.microsoft.com/help/5078736",
"product_ids": [
"5",
"6"
],
"url": "https://support.microsoft.com/help/5078736"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.26200.8037:Security Update:https://support.microsoft.com/help/5079473",
"product_ids": [
"4",
"3"
],
"url": "https://support.microsoft.com/help/5079473"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.26200.7979:Security Hotpatch Update:https://support.microsoft.com/help/5079420",
"product_ids": [
"4",
"3"
],
"url": "https://support.microsoft.com/help/5079420"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.22631.6783:Security Update:https://support.microsoft.com/help/5078883",
"product_ids": [
"11",
"10"
],
"url": "https://support.microsoft.com/help/5078883"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.25398.2207:Security Update:https://support.microsoft.com/help/5078734",
"product_ids": [
"9"
],
"url": "https://support.microsoft.com/help/5078734"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.26100.8037:Security Update:https://support.microsoft.com/help/5079473",
"product_ids": [
"8",
"7"
],
"url": "https://support.microsoft.com/help/5079473"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.26100.7979:Security Hotpatch Update:https://support.microsoft.com/help/5079420",
"product_ids": [
"8",
"7"
],
"url": "https://support.microsoft.com/help/5079420"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.14393.8957:Security Update:https://support.microsoft.com/help/5078938",
"product_ids": [
"26",
"25",
"27",
"24"
],
"url": "https://support.microsoft.com/help/5078938"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "6.2.9200.25973:Monthly Rollup:https://support.microsoft.com/help/5078775",
"product_ids": [
"31",
"30"
],
"url": "https://support.microsoft.com/help/5078775"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "6.3.9600.23074:Monthly Rollup:https://support.microsoft.com/help/5078774",
"product_ids": [
"29",
"28"
],
"url": "https://support.microsoft.com/help/5078774"
},
{
"category": "vendor_fix",
"date": "2026-03-10T07:00:00.000Z",
"details": "10.0.28000.1719:Security Update:https://support.microsoft.com/help/5079466",
"product_ids": [
"1",
"2"
],
"url": "https://support.microsoft.com/help/5079466"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31"
]
}
],
"threats": [
{
"category": "impact",
"details": "Elevation of Privilege"
},
{
"category": "exploit_status",
"details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely"
}
],
"title": "Winlogon Elevation of Privilege Vulnerability"
}
]
}
NCSC-2026-0080
Vulnerability from csaf_ncscnl - Published: 2026-03-10 20:07 - Updated: 2026-03-10 20:07Summary
Kwetsbaarheden verholpen in Microsoft Windows
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Microsoft heeft kwetsbaarheden verholpen in Windows
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Toegang tot gevoelige gegevens
- Uitvoeren van willekeurige code (gebruikersrechten)
- Verkrijgen van verhoogde rechten
- Omzeilen van een beveiligingsmaatregel
- Spoofing
```
Windows File Server:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24283 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Push Message Routing Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24282 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Mobile Broadband:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24288 | 6.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Ancillary Function Driver for WinSock:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24293 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-25176 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-25178 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-25179 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kernel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24287 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-24289 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-26132 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Print Spooler Components:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23669 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Microsoft Brokering File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25167 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Resilient File System (ReFS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23673 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Telephony Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25188 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Graphics Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23668 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-25168 | 6.20 | Denial-of-Service |
| CVE-2026-25169 | 6.20 | Denial-of-Service |
| CVE-2026-25180 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Broadcast DVR:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23667 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Performance Counters:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25165 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows System Image Manager:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25166 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Winlogon:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25187 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kerberos:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24297 | 6.50 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Authentication Methods:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25171 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NTFS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25175 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Universal Disk Format File System Driver (UDFS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23672 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Shell Link Processing:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25185 | 5.30 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Routing and Remote Access Service (RRAS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25172 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2026-25173 | 8.00 | Uitvoeren van willekeurige code |
| CVE-2026-26111 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Bluetooth RFCOM Protocol Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23671 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Extensible File Allocation:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25174 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows MapUrlToZone:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23674 | 7.50 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Projected File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24290 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Device Association Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24295 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-24296 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Connected Devices Platform Service (Cdpsvc):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24292 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Win32K:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24285 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows App Installer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23656 | 5.90 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows GDI:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25190 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Role: Windows Hyper-V:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25170 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows GDI+:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25181 | 7.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Accessibility Infrastructure (ATBroker.exe):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24291 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-25186 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows DWM Core Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25189 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows SMB Server:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24294 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-26128 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Active Directory Domain Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25177 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
```
Oplossingen: Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
Kans: medium
Schade: high
CWE-20: Improper Input Validation
CWE-41: Improper Resolution of Path Equivalence
CWE-59: Improper Link Resolution Before File Access ('Link Following')
CWE-73: External Control of File Name or Path
CWE-122: Heap-based Buffer Overflow
CWE-125: Out-of-bounds Read
CWE-190: Integer Overflow or Wraparound
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-284: Improper Access Control
CWE-287: Improper Authentication
CWE-345: Insufficient Verification of Data Authenticity
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-369: Divide By Zero
CWE-416: Use After Free
CWE-426: Untrusted Search Path
CWE-476: NULL Pointer Dereference
CWE-502: Deserialization of Untrusted Data
CWE-732: Incorrect Permission Assignment for Critical Resource
A vulnerability in Windows App Installer due to insufficient verification of data authenticity allows unauthorized attackers to perform network spoofing attacks.
CWE-345 - Insufficient Verification of Data AuthenticityAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in Broadcast DVR allows an authorized local attacker to elevate privileges on the affected system.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
The Microsoft Graphics Component has a vulnerability due to improper synchronization in concurrent execution, allowing authorized attackers to locally elevate their privileges.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in Windows Print Spooler Components allows an authorized attacker to remotely execute code over a network, posing a significant security risk.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition in the Windows Bluetooth RFCOM Protocol Driver allows an authorized local attacker to elevate privileges due to improper synchronization of shared resources.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
The Windows Universal Disk Format File System Driver (UDFS) contains an elevation of privilege vulnerability that allows attackers to gain higher system privileges by exploiting a flaw in the UDFS driver.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An out-of-bounds read vulnerability in the Windows Resilient File System (ReFS) allows an authorized local attacker to elevate privileges on affected systems.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A vulnerability in Windows MapUrlToZone allows unauthorized attackers to bypass a security feature related to path equivalence over a network.
CWE-41 - Improper Resolution of Path EquivalenceAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An out-of-bounds read vulnerability in the Push Message Routing Service allows an authorized local attacker to disclose sensitive information.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in Windows File Server allows an authorized local attacker to escalate privileges by exploiting memory corruption.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Win32K component allows an authorized local attacker to elevate privileges on the affected system.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An authorized attacker can exploit external control of file name or path in the Windows Kernel to achieve local privilege escalation, potentially compromising system integrity.
CWE-73 - External Control of File Name or PathAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in Windows Mobile Broadband allows unauthorized code execution via a physical attack vector.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use after free vulnerability in the Windows Kernel allows an authorized attacker to locally elevate their privileges.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An improper access control vulnerability in the Windows Projected File System allows an authorized local attacker to elevate their privileges.
CWE-284 - Improper Access ControlAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
Incorrect permission settings in the Windows Accessibility Infrastructure component ATBroker.exe allow a local authorized attacker to elevate privileges on the affected system.
CWE-732 - Incorrect Permission Assignment for Critical ResourceAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Connected Devices Platform Service (Cdpsvc) allows an authorized local attacker to elevate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to locally elevate their privileges.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An improper authentication vulnerability in the Windows SMB Server allows an authorized local attacker to elevate their privileges.
CWE-287 - Improper AuthenticationAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition vulnerability in the Windows Device Association Service due to improper synchronization of shared resources allows a local authorized attacker to elevate privileges.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition vulnerability in the Windows Device Association Service due to improper synchronization of shared resources allows a local authorized attacker to elevate privileges.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A race condition in Windows Kerberos caused by improper synchronization of shared resources allows unauthorized attackers to bypass security features over a network.
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in Windows Performance Counters allows an authorized local attacker to elevate privileges on affected Windows systems.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A deserialization vulnerability in Windows System Image Manager allows an authorized attacker to execute code locally by processing untrusted data.
CWE-502 - Deserialization of Untrusted DataAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Microsoft Brokering File System allows unauthorized local attackers to escalate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A null pointer dereference vulnerability in the Microsoft Graphics Component allows an unauthorized local attacker to cause a denial of service by triggering a crash in the affected system.
CWE-476 - NULL Pointer DereferenceAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A divide by zero vulnerability in the Microsoft Graphics Component allows an unauthorized local attacker to cause a denial of service condition.
CWE-369 - Divide By ZeroAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in Windows Hyper-V allows an authorized local attacker to elevate privileges by exploiting improper memory management.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in Windows Authentication Methods allows an authorized local attacker to elevate privileges by exploiting improper memory handling.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An integer overflow vulnerability in the Windows Routing and Remote Access Service (RRAS) allows unauthorized remote code execution, posing a critical security risk to affected systems.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An integer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to remotely execute code over a network.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An out-of-bounds read vulnerability in the Windows Extensible File Allocation component allows an authorized local attacker to elevate privileges on the affected system.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An out-of-bounds read vulnerability in the Windows NTFS file system allows an authorized local attacker to elevate privileges by exploiting improper memory access.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An improper access control vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges on affected systems.
CWE-284 - Improper Access ControlAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
CWE-641 - Improper Restriction of Names for Files and Other ResourcesAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use after free vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to locally elevate privileges.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An improper input validation vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges on affected systems.
CWE-1287 - Improper Validation of Specified Type of InputAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An out-of-bounds read vulnerability in the Microsoft Graphics Component allows unauthorized local attackers to disclose sensitive information.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An out-of-bounds read vulnerability in Windows GDI+ allows unauthorized attackers to disclose sensitive information over a network.
CWE-125 - Out-of-bounds ReadAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A vulnerability in Windows Shell Link Processing allows unauthorized actors to access sensitive information, potentially enabling network spoofing attacks.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A vulnerability in the Windows Accessibility Infrastructure (ATBroker.exe) allows a local authorized attacker to disclose sensitive information to unauthorized actors.
CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An authorized local attacker can exploit improper link resolution in Winlogon to gain elevated privileges by manipulating the link resolution process before file access.
CWE-59 - Improper Link Resolution Before File Access ('Link Following')Affected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A heap-based buffer overflow vulnerability in the Windows Telephony Service allows unauthorized attackers to elevate privileges over a network, posing significant security risks.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use-after-free vulnerability in the Windows Desktop Window Manager (DWM) Core Library allows an authorized local attacker to elevate privileges on affected systems.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An untrusted search path vulnerability in Windows GDI allows unauthorized local code execution by exploiting the way the system handles file paths.
CWE-426 - Untrusted Search PathAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An integer overflow vulnerability in the Windows Routing and Remote Access Service (RRAS) allows unauthorized remote code execution, posing a critical security risk to affected systems.
CWE-122 - Heap-based Buffer OverflowAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
An improper authentication vulnerability in the Windows SMB Server allows an authorized local attacker to elevate their privileges.
CWE-287 - Improper AuthenticationAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
A use after free vulnerability in the Windows Kernel allows an authorized attacker to locally elevate their privileges.
CWE-416 - Use After FreeAffected products
Known affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1607 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 1809 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 21H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for 32-bit Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 10 Version 22H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 23H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 24H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 25H2 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 Version 26H1 for ARM64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows 11 version 26H1 for x64-based Systems
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2012 R2 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2016 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2019 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022 (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2022, 23H2 Edition (Server Core installation)
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025
|
vers:unknown/* | ||
|
vers:unknown/*
Microsoft / Windows Server 2025 (Server Core installation)
|
vers:unknown/* |
References
48 references
| URL | Category |
|---|---|
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Microsoft heeft kwetsbaarheden verholpen in Windows",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Toegang tot gevoelige gegevens\n- Uitvoeren van willekeurige code (gebruikersrechten)\n- Verkrijgen van verhoogde rechten\n- Omzeilen van een beveiligingsmaatregel\n- Spoofing\n\n```\nWindows File Server: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24283 | 8.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nPush Message Routing Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24282 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Mobile Broadband: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24288 | 6.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24293 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-25176 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-25178 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-25179 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24287 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-24289 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-26132 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Print Spooler Components: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23669 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nMicrosoft Brokering File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25167 | 7.40 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Resilient File System (ReFS): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23673 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25188 | 8.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Graphics Component: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23668 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-25168 | 6.20 | Denial-of-Service | \n| CVE-2026-25169 | 6.20 | Denial-of-Service | \n| CVE-2026-25180 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nBroadcast DVR: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23667 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Performance Counters: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25165 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows System Image Manager: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25166 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWinlogon: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25187 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kerberos: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24297 | 6.50 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Authentication Methods: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25171 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows NTFS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25175 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Universal Disk Format File System Driver (UDFS): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23672 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Shell Link Processing: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25185 | 5.30 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows Routing and Remote Access Service (RRAS): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25172 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2026-25173 | 8.00 | Uitvoeren van willekeurige code | \n| CVE-2026-26111 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Bluetooth RFCOM Protocol Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23671 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Extensible File Allocation: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25174 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows MapUrlToZone: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23674 | 7.50 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Projected File System: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24290 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Device Association Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24295 | 7.00 | Verkrijgen van verhoogde rechten | \n| CVE-2026-24296 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nConnected Devices Platform Service (Cdpsvc): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24292 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Win32K: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24285 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows App Installer: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-23656 | 5.90 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows GDI: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25190 | 7.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nRole: Windows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25170 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows GDI+: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25181 | 7.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Accessibility Infrastructure (ATBroker.exe): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24291 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-25186 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25189 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows SMB Server: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-24294 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2026-26128 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nActive Directory Domain Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2026-25177 | 8.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n```\n",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
},
{
"category": "general",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "general",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Divide By Zero",
"title": "CWE-369"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheden verholpen in Microsoft Windows",
"tracking": {
"current_release_date": "2026-03-10T20:07:55.976638Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0080",
"initial_release_date": "2026-03-10T20:07:55.976638Z",
"revision_history": [
{
"date": "2026-03-10T20:07:55.976638Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-13"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-14"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-15"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-16"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 25H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-17"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 26H1 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-18"
}
}
],
"category": "product_name",
"name": "Windows 11 version 26H1 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-19"
}
}
],
"category": "product_name",
"name": "Windows Server 2012"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-20"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-21"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-22"
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-23"
}
}
],
"category": "product_name",
"name": "Windows Server 2016"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-24"
}
}
],
"category": "product_name",
"name": "Windows Server 2016 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-25"
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-26"
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-27"
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-28"
}
}
],
"category": "product_name",
"name": "Windows Server 2022 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-29"
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-30"
}
}
],
"category": "product_name",
"name": "Windows Server 2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-31"
}
}
],
"category": "product_name",
"name": "Windows Server 2025 (Server Core installation)"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-23656",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "description",
"text": "A vulnerability in Windows App Installer due to insufficient verification of data authenticity allows unauthorized attackers to perform network spoofing attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-23656 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23656.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-23656"
},
{
"cve": "CVE-2026-23667",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Broadcast DVR allows an authorized local attacker to elevate privileges on the affected system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-23667 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23667.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-23667"
},
{
"cve": "CVE-2026-23668",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "The Microsoft Graphics Component has a vulnerability due to improper synchronization in concurrent execution, allowing authorized attackers to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-23668 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23668.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-23668"
},
{
"cve": "CVE-2026-23669",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Windows Print Spooler Components allows an authorized attacker to remotely execute code over a network, posing a significant security risk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-23669 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23669.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-23669"
},
{
"cve": "CVE-2026-23671",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition in the Windows Bluetooth RFCOM Protocol Driver allows an authorized local attacker to elevate privileges due to improper synchronization of shared resources.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-23671 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23671.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-23671"
},
{
"cve": "CVE-2026-23672",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "The Windows Universal Disk Format File System Driver (UDFS) contains an elevation of privilege vulnerability that allows attackers to gain higher system privileges by exploiting a flaw in the UDFS driver.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-23672 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-23672"
},
{
"cve": "CVE-2026-23673",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in the Windows Resilient File System (ReFS) allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-23673 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23673.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-23673"
},
{
"cve": "CVE-2026-23674",
"cwe": {
"id": "CWE-41",
"name": "Improper Resolution of Path Equivalence"
},
"notes": [
{
"category": "other",
"text": "Improper Resolution of Path Equivalence",
"title": "CWE-41"
},
{
"category": "description",
"text": "A vulnerability in Windows MapUrlToZone allows unauthorized attackers to bypass a security feature related to path equivalence over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-23674 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-23674.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-23674"
},
{
"cve": "CVE-2026-24282",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in the Push Message Routing Service allows an authorized local attacker to disclose sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24282 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24282.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24282"
},
{
"cve": "CVE-2026-24283",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Windows File Server allows an authorized local attacker to escalate privileges by exploiting memory corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24283 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24283.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24283"
},
{
"cve": "CVE-2026-24285",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Win32K component allows an authorized local attacker to elevate privileges on the affected system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24285 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24285.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24285"
},
{
"cve": "CVE-2026-24287",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "other",
"text": "External Control of File Name or Path",
"title": "CWE-73"
},
{
"category": "description",
"text": "An authorized attacker can exploit external control of file name or path in the Windows Kernel to achieve local privilege escalation, potentially compromising system integrity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24287 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24287.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24287"
},
{
"cve": "CVE-2026-24288",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in Windows Mobile Broadband allows unauthorized code execution via a physical attack vector.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24288 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24288.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24288"
},
{
"cve": "CVE-2026-24289",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use after free vulnerability in the Windows Kernel allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24289 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24289.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24289"
},
{
"cve": "CVE-2026-24290",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "An improper access control vulnerability in the Windows Projected File System allows an authorized local attacker to elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24290 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24290.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24290"
},
{
"cve": "CVE-2026-24291",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "description",
"text": "Incorrect permission settings in the Windows Accessibility Infrastructure component ATBroker.exe allow a local authorized attacker to elevate privileges on the affected system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24291 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24291.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24291"
},
{
"cve": "CVE-2026-24292",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Connected Devices Platform Service (Cdpsvc) allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24292 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24292.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24292"
},
{
"cve": "CVE-2026-24293",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24293 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24293.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24293"
},
{
"cve": "CVE-2026-24294",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "description",
"text": "An improper authentication vulnerability in the Windows SMB Server allows an authorized local attacker to elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24294 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24294.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24294"
},
{
"cve": "CVE-2026-24295",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A race condition vulnerability in the Windows Device Association Service due to improper synchronization of shared resources allows a local authorized attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24295 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24295.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24295"
},
{
"cve": "CVE-2026-24296",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition vulnerability in the Windows Device Association Service due to improper synchronization of shared resources allows a local authorized attacker to elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24296 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24296.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24296"
},
{
"cve": "CVE-2026-24297",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "description",
"text": "A race condition in Windows Kerberos caused by improper synchronization of shared resources allows unauthorized attackers to bypass security features over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-24297 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-24297.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-24297"
},
{
"cve": "CVE-2026-25165",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in Windows Performance Counters allows an authorized local attacker to elevate privileges on affected Windows systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25165 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25165.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25165"
},
{
"cve": "CVE-2026-25166",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "description",
"text": "A deserialization vulnerability in Windows System Image Manager allows an authorized attacker to execute code locally by processing untrusted data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25166 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25166.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25166"
},
{
"cve": "CVE-2026-25167",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Microsoft Brokering File System allows unauthorized local attackers to escalate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25167 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25167.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25167"
},
{
"cve": "CVE-2026-25168",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability in the Microsoft Graphics Component allows an unauthorized local attacker to cause a denial of service by triggering a crash in the affected system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25168 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25168.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25168"
},
{
"cve": "CVE-2026-25169",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "other",
"text": "Divide By Zero",
"title": "CWE-369"
},
{
"category": "description",
"text": "A divide by zero vulnerability in the Microsoft Graphics Component allows an unauthorized local attacker to cause a denial of service condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25169 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25169.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25169"
},
{
"cve": "CVE-2026-25170",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Windows Hyper-V allows an authorized local attacker to elevate privileges by exploiting improper memory management.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25170 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25170.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25170"
},
{
"cve": "CVE-2026-25171",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in Windows Authentication Methods allows an authorized local attacker to elevate privileges by exploiting improper memory handling.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25171 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25171.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25171"
},
{
"cve": "CVE-2026-25172",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "An integer overflow vulnerability in the Windows Routing and Remote Access Service (RRAS) allows unauthorized remote code execution, posing a critical security risk to affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25172 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25172"
},
{
"cve": "CVE-2026-25173",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "An integer overflow vulnerability in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to remotely execute code over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25173 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25173.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25173"
},
{
"cve": "CVE-2026-25174",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in the Windows Extensible File Allocation component allows an authorized local attacker to elevate privileges on the affected system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25174 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25174.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25174"
},
{
"cve": "CVE-2026-25175",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in the Windows NTFS file system allows an authorized local attacker to elevate privileges by exploiting improper memory access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25175 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25175.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25175"
},
{
"cve": "CVE-2026-25176",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "An improper access control vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25176 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25176.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25176"
},
{
"cve": "CVE-2026-25177",
"cwe": {
"id": "CWE-641",
"name": "Improper Restriction of Names for Files and Other Resources"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Names for Files and Other Resources",
"title": "CWE-641"
},
{
"category": "description",
"text": "Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25177 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25177.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25177"
},
{
"cve": "CVE-2026-25178",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use after free vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to locally elevate privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25178 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25178.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25178"
},
{
"cve": "CVE-2026-25179",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Type of Input",
"title": "CWE-1287"
},
{
"category": "description",
"text": "An improper input validation vulnerability in the Windows Ancillary Function Driver for WinSock allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25179 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25179.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25179"
},
{
"cve": "CVE-2026-25180",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in the Microsoft Graphics Component allows unauthorized local attackers to disclose sensitive information.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25180 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25180.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25180"
},
{
"cve": "CVE-2026-25181",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "An out-of-bounds read vulnerability in Windows GDI+ allows unauthorized attackers to disclose sensitive information over a network.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25181 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25181.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25181"
},
{
"cve": "CVE-2026-25185",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Windows Shell Link Processing allows unauthorized actors to access sensitive information, potentially enabling network spoofing attacks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25185 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25185.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25185"
},
{
"cve": "CVE-2026-25186",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in the Windows Accessibility Infrastructure (ATBroker.exe) allows a local authorized attacker to disclose sensitive information to unauthorized actors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25186 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25186.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25186"
},
{
"cve": "CVE-2026-25187",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "description",
"text": "An authorized local attacker can exploit improper link resolution in Winlogon to gain elevated privileges by manipulating the link resolution process before file access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25187 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25187.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25187"
},
{
"cve": "CVE-2026-25188",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability in the Windows Telephony Service allows unauthorized attackers to elevate privileges over a network, posing significant security risks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25188 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25188.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25188"
},
{
"cve": "CVE-2026-25189",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use-after-free vulnerability in the Windows Desktop Window Manager (DWM) Core Library allows an authorized local attacker to elevate privileges on affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25189 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25189.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25189"
},
{
"cve": "CVE-2026-25190",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "description",
"text": "An untrusted search path vulnerability in Windows GDI allows unauthorized local code execution by exploiting the way the system handles file paths.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-25190 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-25190.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-25190"
},
{
"cve": "CVE-2026-26111",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "An integer overflow vulnerability in the Windows Routing and Remote Access Service (RRAS) allows unauthorized remote code execution, posing a critical security risk to affected systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-26111 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-26111.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-26111"
},
{
"cve": "CVE-2026-26128",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "description",
"text": "An improper authentication vulnerability in the Windows SMB Server allows an authorized local attacker to elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-26128 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-26128.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-26128"
},
{
"cve": "CVE-2026-26132",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A use after free vulnerability in the Windows Kernel allows an authorized attacker to locally elevate their privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-26132 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-26132.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31"
]
}
],
"title": "CVE-2026-26132"
}
]
}
WID-SEC-W-2026-0661
Vulnerability from csaf_certbund - Published: 2026-03-10 23:00 - Updated: 2026-05-19 22:00Summary
Microsoft Windows und Windows Server: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Windows ist ein Betriebssystem von Microsoft.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Microsoft Windows und Windows Server ausnutzen, um seine Privilegien zu erhöhen, um beliebigen Programmcode auszuführen, um einen Denial of Service Angriff durchzuführen, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um falsche Informationen darzustellen.
Betroffene Betriebssysteme: - Windows
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Microsoft Windows Server 2019
Microsoft
|
cpe:/o:microsoft:windows_server_2019:-
|
— | |
|
Microsoft Windows 11 Version 25H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_25h2
|
Version 25H2 | |
|
Microsoft Windows 10 Version 21H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_21h2
|
Version 21H2 | |
|
Microsoft Windows Server 2022
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— | |
|
Microsoft Windows 11 Version 24H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_24h2
|
Version 24H2 | |
|
Microsoft Windows Server 2012 R2
Microsoft
|
cpe:/o:microsoft:windows_server_2012_r2:-
|
— | |
|
Microsoft Windows 10 Version 1809
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1809
|
Version 1809 | |
|
Microsoft Windows 10 Version 1607
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_1607
|
Version 1607 | |
|
Microsoft Windows Server 2025
Microsoft
|
cpe:/o:microsoft:windows_server_2025:-
|
— | |
|
Microsoft Windows 10 Version 22H2
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:version_22h2
|
Version 22H2 | |
|
Microsoft Windows 11 version 26H1
Microsoft / Windows 11
|
version 26H1 | ||
|
Microsoft Windows App Client for Desktop
Microsoft / Windows
|
cpe:/o:microsoft:windows:app_client_for_desktop
|
App Client for Desktop | |
|
Microsoft Windows Server 2012
Microsoft
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows Server 2022 23H2 Edition
Microsoft / Windows Server 2022
|
cpe:/o:microsoft:windows_server_2022:23h2_edition
|
23H2 Edition | |
|
Microsoft Windows 11 Version 23H2
Microsoft / Windows 11
|
cpe:/o:microsoft:windows_11:version_23h2
|
Version 23H2 | |
|
Hitachi Storage
Hitachi
|
cpe:/h:hitachi:storage:-
|
— |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Windows ist ein Betriebssystem von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Windows und Windows Server ausnutzen, um seine Privilegien zu erh\u00f6hen, um beliebigen Programmcode auszuf\u00fchren, um einen Denial of Service Angriff durchzuf\u00fchren, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um falsche Informationen darzustellen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0661 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0661.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0661 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0661"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "MDSec RIP RegPwn Report vom 2026-03-18",
"url": "https://www.mdsec.co.uk/2026/03/rip-regpwn/"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2026-310 vom 2026-05-20",
"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/03.html"
}
],
"source_lang": "en-US",
"title": "Microsoft Windows und Windows Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-19T22:00:00.000+00:00",
"generator": {
"date": "2026-05-20T08:33:13.243+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-0661",
"initial_release_date": "2026-03-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-18T23:00:00.000+00:00",
"number": "2",
"summary": "PoC f\u00fcr CVE-2026-24291 aufgenommen"
},
{
"date": "2026-05-19T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von HITACHI aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Storage",
"product": {
"name": "Hitachi Storage",
"product_id": "T009295",
"product_identification_helper": {
"cpe": "cpe:/h:hitachi:storage:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "App Client for Desktop",
"product": {
"name": "Microsoft Windows App Client for Desktop",
"product_id": "T042613",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows:app_client_for_desktop"
}
}
}
],
"category": "product_name",
"name": "Windows"
},
{
"branches": [
{
"category": "product_version",
"name": "Version 1607",
"product": {
"name": "Microsoft Windows 10 Version 1607",
"product_id": "T050728",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1607"
}
}
},
{
"category": "product_version",
"name": "Version 1809",
"product": {
"name": "Microsoft Windows 10 Version 1809",
"product_id": "T050729",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1809"
}
}
},
{
"category": "product_version",
"name": "Version 21H2",
"product": {
"name": "Microsoft Windows 10 Version 21H2",
"product_id": "T050732",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_21h2"
}
}
},
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 10 Version 22H2",
"product_id": "T050734",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_22h2"
}
}
}
],
"category": "product_name",
"name": "Windows 10"
},
{
"branches": [
{
"category": "product_version",
"name": "Version 23H2",
"product": {
"name": "Microsoft Windows 11 Version 23H2",
"product_id": "T050735",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_23h2"
}
}
},
{
"category": "product_version",
"name": "Version 24H2",
"product": {
"name": "Microsoft Windows 11 Version 24H2",
"product_id": "T050738",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_24h2"
}
}
},
{
"category": "product_version",
"name": "Version 25H2",
"product": {
"name": "Microsoft Windows 11 Version 25H2",
"product_id": "T050741",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_25h2"
}
}
},
{
"category": "product_version_range",
"name": "version 26H1",
"product": {
"name": "Microsoft Windows 11 version 26H1",
"product_id": "T050744"
}
}
],
"category": "product_name",
"name": "Windows 11"
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012",
"product": {
"name": "Microsoft Windows Server 2012",
"product_id": "T050725",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012 R2",
"product": {
"name": "Microsoft Windows Server 2012 R2",
"product_id": "T050726",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012_r2:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2016",
"product": {
"name": "Microsoft Windows Server 2016",
"product_id": "T050727",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2016:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2019",
"product": {
"name": "Microsoft Windows Server 2019",
"product_id": "T050730",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2019:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows Server 2022",
"product": {
"name": "Microsoft Windows Server 2022",
"product_id": "T050731",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:-"
}
}
},
{
"category": "product_version",
"name": "23H2 Edition",
"product": {
"name": "Microsoft Windows Server 2022 23H2 Edition",
"product_id": "T050736",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:23h2_edition"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2025",
"product": {
"name": "Microsoft Windows Server 2025",
"product_id": "T050739",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2025:-"
}
}
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-23656",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-23656"
},
{
"cve": "CVE-2026-23667",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-23667"
},
{
"cve": "CVE-2026-23668",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-23668"
},
{
"cve": "CVE-2026-23669",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-23669"
},
{
"cve": "CVE-2026-23671",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-23671"
},
{
"cve": "CVE-2026-23672",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-23672"
},
{
"cve": "CVE-2026-23673",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-23673"
},
{
"cve": "CVE-2026-23674",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-23674"
},
{
"cve": "CVE-2026-24282",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24282"
},
{
"cve": "CVE-2026-24283",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24283"
},
{
"cve": "CVE-2026-24285",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24285"
},
{
"cve": "CVE-2026-24287",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24287"
},
{
"cve": "CVE-2026-24288",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24288"
},
{
"cve": "CVE-2026-24289",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24289"
},
{
"cve": "CVE-2026-24290",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24290"
},
{
"cve": "CVE-2026-24291",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24291"
},
{
"cve": "CVE-2026-24292",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24292"
},
{
"cve": "CVE-2026-24293",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24293"
},
{
"cve": "CVE-2026-24294",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24294"
},
{
"cve": "CVE-2026-24295",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24295"
},
{
"cve": "CVE-2026-24296",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24296"
},
{
"cve": "CVE-2026-24297",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-24297"
},
{
"cve": "CVE-2026-25165",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25165"
},
{
"cve": "CVE-2026-25166",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25166"
},
{
"cve": "CVE-2026-25167",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25167"
},
{
"cve": "CVE-2026-25168",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25168"
},
{
"cve": "CVE-2026-25169",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25169"
},
{
"cve": "CVE-2026-25170",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25170"
},
{
"cve": "CVE-2026-25171",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25171"
},
{
"cve": "CVE-2026-25172",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25172"
},
{
"cve": "CVE-2026-25173",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25173"
},
{
"cve": "CVE-2026-25174",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25174"
},
{
"cve": "CVE-2026-25175",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25175"
},
{
"cve": "CVE-2026-25176",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25176"
},
{
"cve": "CVE-2026-25177",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25177"
},
{
"cve": "CVE-2026-25178",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25178"
},
{
"cve": "CVE-2026-25179",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25179"
},
{
"cve": "CVE-2026-25180",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25180"
},
{
"cve": "CVE-2026-25181",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25181"
},
{
"cve": "CVE-2026-25185",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25185"
},
{
"cve": "CVE-2026-25186",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25186"
},
{
"cve": "CVE-2026-25187",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25187"
},
{
"cve": "CVE-2026-25188",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25188"
},
{
"cve": "CVE-2026-25189",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25189"
},
{
"cve": "CVE-2026-25190",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-25190"
},
{
"cve": "CVE-2026-26111",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-26111"
},
{
"cve": "CVE-2026-26128",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-26128"
},
{
"cve": "CVE-2026-26132",
"product_status": {
"known_affected": [
"T050730",
"T050741",
"T050732",
"T050731",
"T050727",
"T050738",
"T050726",
"T050729",
"T050728",
"T050739",
"T050734",
"T050744",
"T042613",
"T050725",
"T050736",
"T050735",
"T009295"
]
},
"release_date": "2026-03-10T23:00:00.000+00:00",
"title": "CVE-2026-26132"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…