CVE-2026-25171
published 2026-03-10CVE-2026-25171: Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1607 | < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_10_1809 | < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_10_21h2 | < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_22h2 | < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.7058 | 10.0.19044.7058 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.7058 | 10.0.19045.7058 |
| microsoft | windows_11_23h2 | < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_24h2 | < 10.0.26100.7979 | 10.0.26100.7979 |
| microsoft | windows_11_25h2 | < 10.0.26200.7979 | 10.0.26200.7979 |
| microsoft | windows_11_26h1 | < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.6783 | 10.0.22631.6783 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.8037 | 10.0.26100.8037 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.8037 | 10.0.26200.8037 |
| microsoft | windows_11_version_26h1 | >= 10.0.28000.0 < 10.0.28000.1719 | 10.0.28000.1719 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25973 | 6.2.9200.25973 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.23074 | 6.3.9600.23074 |
| microsoft | windows_server_2016 | < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8957 | 10.0.14393.8957 |
| microsoft | windows_server_2019 | < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.8511 | 10.0.17763.8511 |
| microsoft | windows_server_2022 | < 10.0.20348.4830 | 10.0.20348.4830 |