Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2025
Subscriptions
Total
1144 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21533 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-04-19 | 7.8 High |
| Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21513 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-04-19 | 8.8 High |
| Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-20808 | 1 Microsoft | 7 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 4 more | 2026-04-18 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Printer Association Object allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20962 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-04-18 | 4.4 Medium |
| Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-21265 | 1 Microsoft | 20 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 17 more | 2026-04-18 | 6.4 Medium |
| Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to Windows boot manager or Secure Boot. The operating system’s certificate update protection mechanism relies on firmware components that might contain defects, which can cause certificate trust updates to fail or behave unpredictably. This leads to potential disruption of the Secure Boot trust chain and requires careful validation and deployment to restore intended security guarantees. Certificate Authority (CA) Location Purpose Expiration Date Microsoft Corporation KEK CA 2011 KEK Signs updates to the DB and DBX 06/24/2026 Microsoft Corporation UEFI CA 2011 DB Signs 3rd party boot loaders, Option ROMs, etc. 06/27/2026 Microsoft Windows Production PCA 2011 DB Signs the Windows Boot Manager 10/19/2026 For more information see this CVE and Windows Secure Boot certificate expiration and CA updates. | ||||
| CVE-2026-20824 | 1 Microsoft | 20 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 17 more | 2026-04-18 | 5.5 Medium |
| Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2026-2636 | 1 Microsoft | 5 Windows, Windows 11, Windows 11 23h2 and 2 more | 2026-04-18 | 5.5 Medium |
| This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash. Microsoft silently fixed this vulnerability in the September 2025 cumulative update for Windows 11 2024 LTSC and Windows Server 2025. Windows 25H2 (released in September) was released with the patch. Windows 1123h2 and earlier versions remain vulnerable. | ||||
| CVE-2026-0386 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-04-18 | 7.5 High |
| Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network. | ||||
| CVE-2026-20809 | 1 Microsoft | 20 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 17 more | 2026-04-18 | 7.8 High |
| Time-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20818 | 1 Microsoft | 6 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 3 more | 2026-04-18 | 6.2 Medium |
| Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-20829 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-04-18 | 5.5 Medium |
| Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-20840 | 1 Microsoft | 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more | 2026-04-18 | 7.8 High |
| Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. | ||||
| CVE-2026-20859 | 1 Microsoft | 5 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 2 more | 2026-04-18 | 7.8 High |
| Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20864 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-04-18 | 7.8 High |
| Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20877 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-04-18 | 7.8 High |
| Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20870 | 1 Microsoft | 5 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 2 more | 2026-04-18 | 7.8 High |
| Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-32220 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-04-17 | 4.4 Medium |
| Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. | ||||
| CVE-2026-32221 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-04-17 | 8.4 High |
| Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-32222 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-04-17 | 7.8 High |
| Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-32223 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-04-17 | 6.8 Medium |
| Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack. | ||||