Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 11
Subscriptions
Total
803 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2636 | 1 Microsoft | 5 Windows, Windows 11, Windows 11 23h2 and 2 more | 2026-04-18 | 5.5 Medium |
| This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash. Microsoft silently fixed this vulnerability in the September 2025 cumulative update for Windows 11 2024 LTSC and Windows Server 2025. Windows 25H2 (released in September) was released with the patch. Windows 1123h2 and earlier versions remain vulnerable. | ||||
| CVE-2025-40979 | 2 Grandstream, Microsoft | 3 Wave, Windows, Windows 11 | 2026-04-15 | N/A |
| DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users<user>\AppData\Local\Temp' directory, which could lead to arbitrary code execution and persistence. This vulnerability is only replicable in versions of Windows 11 and does not affect earlier versions. | ||||
| CVE-2024-6768 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2026-04-15 | N/A |
| A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. | ||||
| CVE-2025-8061 | 2 Lenovo, Microsoft | 3 Dispatcher, Windows, Windows 11 | 2026-04-15 | 7 High |
| A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected. This vulnerability does not affect systems when the Windows feature Core Isolation Memory Integrity is enabled. Lenovo systems preloaded with Windows 11 have this feature enabled by default. | ||||
| CVE-2024-6769 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2026-04-15 | 6.7 Medium |
| A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. | ||||
| CVE-2025-59033 | 1 Microsoft | 7 Windows, Windows 10, Windows 11 and 4 more | 2026-04-15 | 7.4 High |
| The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a 'FileAttribRef' qualifier (such as file name or version) may not be blocked, whether hypervisor-protected code integrity (HVCI) is enabled or not. NOTE: The vendor disputes this CVE ID assignment and states that the driver blocklist is intended for use with HVCI. | ||||
| CVE-2025-7676 | 1 Microsoft | 1 Windows 11 | 2026-04-15 | N/A |
| DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows an attacker to execute code, if the attacker can plant a DLL in the same directory as the executable. Vulnerable versions of Windows 11 for ARM attempt to load Base DLLs that would ordinarily not be loaded from the application directory. Fixed in release 24H2, but present in all earlier versions of Windows 11 for ARM CPUs. | ||||
| CVE-2025-60710 | 1 Microsoft | 7 Windows, Windows 11, Windows 11 24h2 and 4 more | 2026-04-14 | 7.8 High |
| Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59214 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2026-03-27 | 6.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-47993 | 1 Microsoft | 9 Pc Manager, Windows, Windows 11 and 6 more | 2026-02-26 | 7.8 High |
| Improper access control in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-47996 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2026-02-26 | 7.8 High |
| Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49667 | 1 Microsoft | 26 Windows, Windows 10, Windows 10 1507 and 23 more | 2026-02-26 | 7.8 High |
| Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49675 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2026-02-26 | 7.8 High |
| Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49733 | 1 Microsoft | 19 Windows, Windows 10, Windows 10 1809 and 16 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50167 | 1 Microsoft | 27 Hyper-v, Windows, Windows 10 and 24 more | 2026-02-26 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50168 | 1 Microsoft | 15 Server, Windows, Windows 11 and 12 more | 2026-02-26 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50177 | 1 Microsoft | 29 Windows, Windows 10, Windows 10 1507 and 26 more | 2026-02-26 | 8.1 High |
| Use after free in Windows Message Queuing allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-53131 | 1 Microsoft | 22 Server, Windows, Windows 10 and 19 more | 2026-02-26 | 8.8 High |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-53133 | 1 Microsoft | 7 Server, Windows, Windows 11 and 4 more | 2026-02-26 | 7.8 High |
| Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53135 | 1 Microsoft | 27 Directx, Windows, Windows 10 and 24 more | 2026-02-26 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally. | ||||