CVE-2026-25184Race Condition in Microsoft Windows 11 Version 22h3

CWE-362Race Condition3 documents3 sources
Severity
7.0HIGHNVD
EPSS
0.0%
top 84.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Microsoft Windows 11 Version 22h3Microsoft Windows 11 Version 23h2Microsoft Windows 11 Version 24h2+3 more
Timeline
PublishedApr 14

Description

Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages6 packages

CVEListV5microsoft/windows_server_202510.0.26100.010.0.26100.32690
CVEListV5microsoft/windows_11_version_22h310.0.22631.010.0.22631.6936
CVEListV5microsoft/windows_11_version_23h210.0.22631.010.0.22631.6936
CVEListV5microsoft/windows_11_version_24h210.0.26100.010.0.26100.8246
CVEListV5microsoft/windows_11_version_25h210.0.26200.010.0.26200.8246

🔴Vulnerability Details

2
CVEList
Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability2026-04-14
GHSA
GHSA-hc87-mxqm-j296: Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr2026-04-14
CVE-2026-25184 — Race Condition in Microsoft | cvebase