cbcvebase.
CVE-2025-49708
published 2025-10-14

CVE-2025-49708: Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network.

critical9.9CVSS 3.1
AVNACLPRLUINSCCHIHAH
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network.

Affected

33 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10_1809< 10.0.17763.791910.0.17763.7919
microsoftwindows_10_21h2< 10.0.19044.645610.0.19044.6456
microsoftwindows_10_22h2< 10.0.19045.645610.0.19045.6456
microsoftwindows_10_version_1809>= 10.0.17763.0 < 10.0.17763.791910.0.17763.7919
microsoftwindows_10_version_21h2>= 10.0.19044.0 < 10.0.19044.645610.0.19044.6456
microsoftwindows_10_version_22h2>= 10.0.19045.0 < 10.0.19045.645610.0.19045.6456
microsoftwindows_11_22h2< 10.0.22621.606010.0.22621.6060
microsoftwindows_11_23h2<= 10.0.22631.6060
microsoftwindows_11_24h2< 10.0.26100.689910.0.26100.6899
microsoftwindows_11_25h2< 10.0.26200.689910.0.26200.6899
microsoftwindows_11_version_22h2>= 10.0.22621.0 < 10.0.22621.606010.0.22621.6060
microsoftwindows_11_version_22h3>= 10.0.22631.0 < 10.0.22631.606010.0.22631.6060
microsoftwindows_11_version_23h2>= 10.0.22631.0 < 10.0.22631.606010.0.22631.6060
microsoftwindows_11_version_24h2>= 10.0.26100.0 < 10.0.26100.689910.0.26100.6899
microsoftwindows_11_version_25h2>= 10.0.26200.0 < 10.0.26200.689910.0.26200.6899
microsoftwindows_server_2019< 10.0.17763.791910.0.17763.7919
microsoftwindows_server_2019>= 10.0.17763.0 < 10.0.17763.791910.0.17763.7919
microsoftwindows_server_2022< 10.0.20348.429410.0.20348.4294
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.429410.0.20348.4294
microsoftwindows_server_2022_23h2< 10.0.25398.191310.0.25398.1913
microsoftwindows_server_2025<= 10.0.26100.6899
microsoftwindows_server_2025>= 10.0.26100.0 < 10.0.26100.689910.0.26100.6899
msrcwindows_10_version_1809
msrcwindows_10_version_21h2
msrcwindows_10_version_22h2