Microsoft Windows 10 21H2 vulnerabilities

CVE-2024-38049 [HIGH] CWE-73 CVE-2024-38049: Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability

CVE-2025-21295 [HIGH] CWE-416 CVE-2025-21295: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

CVE-2026-45586 [HIGH] CWE-59 CVE-2026-45586: Improper link resolution before file access ('link following') in Windows Collaborative Translation Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally.

CVE-2024-49118 [HIGH] CWE-416 CVE-2024-49118: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

CVE-2026-20925 [MEDIUM] CWE-73 CVE-2026-20925: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spo External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-26132 [HIGH] CWE-416 CVE-2026-26132: Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-25166 [HIGH] CWE-502 CVE-2026-25166: Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to e Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.

CVE-2026-25173 [HIGH] CWE-122 CVE-2026-25173: Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authori Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

CVE-2023-36903 [CRITICAL] CWE-59 CVE-2023-36903: Windows System Assessment Tool Elevation of Privilege Vulnerability Windows System Assessment Tool Elevation of Privilege Vulnerability

CVE-2026-20922 [HIGH] CWE-122 CVE-2026-20922: Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-20840 [HIGH] CWE-122 CVE-2026-20840: Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-23674 [HIGH] CWE-41 CVE-2026-23674: Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to b Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-20929 [HIGH] CWE-284 CVE-2026-20929: Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.

CVE-2025-48814 [HIGH] CWE-306 CVE-2025-48814: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an u Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.

CVE-2024-26158 [HIGH] CWE-59 CVE-2024-26158: Microsoft Install Service Elevation of Privilege Vulnerability Microsoft Install Service Elevation of Privilege Vulnerability

CVE-2026-20849 [HIGH] CWE-807 CVE-2026-20849: Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacke Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.

CVE-2023-36900 [HIGH] CWE-190 CVE-2023-36900: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2023-35359 [HIGH] CWE-23 CVE-2023-35359: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-38180 [HIGH] CWE-693 CVE-2024-38180: Windows SmartScreen Security Feature Bypass Vulnerability Windows SmartScreen Security Feature Bypass Vulnerability

CVE-2025-21332 [HIGH] CWE-41 CVE-2025-21332: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability