Microsoft Windows 10 21H2 vulnerabilities
1,827 known vulnerabilities affecting microsoft/windows_10_21h2.
Total CVEs
1,827
CISA KEV
87
actively exploited
Public exploits
54
Exploited in wild
97
Severity breakdown
CRITICAL44HIGH1303MEDIUM473LOW7
Vulnerabilities
Page 23 of 92
CVE-2026-21239P3HIGHCVSS 7.8fixed in 10.0.19044.69372026-02-10
CVE-2026-21239 [HIGH] CWE-122 CVE-2026-21239: Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges loc
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-21236P3HIGHCVSS 7.8fixed in 10.0.19044.69372026-02-10
CVE-2026-21236 [HIGH] CWE-122 CVE-2026-21236: Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized att
Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
nvd
CVE-2023-28227P3HIGHCVSS 7.5fixed in 10.0.19044.28462023-04-11
CVE-2023-28227 [HIGH] CWE-122 CVE-2023-28227: Windows Bluetooth Driver Remote Code Execution Vulnerability
Windows Bluetooth Driver Remote Code Execution Vulnerability
nvd
CVE-2026-33841P3HIGHCVSS 7.8fixed in 10.0.19044.72912026-05-12
CVE-2026-33841 [HIGH] CWE-122 CVE-2026-33841: Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges loc
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-40377P3HIGHCVSS 7.8fixed in 10.0.19044.72912026-05-12
CVE-2026-40377 [HIGH] CWE-122 CVE-2026-40377: Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevat
Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-26180P3HIGHCVSS 7.8fixed in 10.0.19044.71842026-04-14
CVE-2026-26180 [HIGH] CWE-122 CVE-2026-26180: Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges loc
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
nvd
CVE-2023-21819P3HIGHCVSS 7.5fixed in 10.0.19044.26042023-02-14
CVE-2023-21819 [HIGH] CWE-125 CVE-2023-21819: Windows Secure Channel Denial of Service Vulnerability
Windows Secure Channel Denial of Service Vulnerability
nvd
CVE-2025-26634P3HIGHCVSS 7.5fixed in 10.0.19044.54872025-03-11
CVE-2025-26634 [HIGH] CWE-122 CVE-2025-26634: Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privil
Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.
nvd
CVE-2023-28275P3HIGHCVSS 8.8fixed in 10.0.19044.28462023-04-11
CVE-2023-28275 [HIGH] CWE-122 CVE-2023-28275: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
nvd
CVE-2023-36882P3HIGHCVSS 8.8fixed in 10.0.19044.33242023-08-08
CVE-2023-36882 [HIGH] CWE-416 CVE-2023-36882: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
nvd
CVE-2023-21685P3HIGHCVSS 8.8fixed in 10.0.19044.26042023-02-14
CVE-2023-21685 [HIGH] CWE-20 CVE-2023-21685: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
nvd
CVE-2023-21797P3HIGHCVSS 8.8fixed in 10.0.19044.26042023-02-14
CVE-2023-21797 [HIGH] CWE-190 CVE-2023-21797: Microsoft ODBC Driver Remote Code Execution Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
nvd
CVE-2023-21798P3HIGHCVSS 8.8fixed in 10.0.19044.26042023-02-14
CVE-2023-21798 [HIGH] CWE-125 CVE-2023-21798: Microsoft ODBC Driver Remote Code Execution Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
nvd
CVE-2023-32038P3HIGHCVSS 8.8fixed in 10.0.19041.32082023-07-11
CVE-2023-32038 [HIGH] CWE-416 CVE-2023-32038: Microsoft ODBC Driver Remote Code Execution Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
nvd
CVE-2023-38147P3HIGHCVSS 8.8fixed in 10.0.19044.34482023-09-12
CVE-2023-38147 [HIGH] CWE-122 CVE-2023-38147: Windows Miracast Wireless Display Remote Code Execution Vulnerability
Windows Miracast Wireless Display Remote Code Execution Vulnerability
nvd
CVE-2023-24947P3HIGHCVSS 8.8fixed in 10.0.19044.29652023-05-09
CVE-2023-24947 [HIGH] CWE-416 CVE-2023-24947: Windows Bluetooth Driver Remote Code Execution Vulnerability
Windows Bluetooth Driver Remote Code Execution Vulnerability
nvd
CVE-2026-26178P3HIGHCVSS 8.8fixed in 10.0.19044.71842026-04-14
CVE-2026-26178 [HIGH] CWE-190 CVE-2026-26178: Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized att
Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.
nvd
CVE-2025-47986P3HIGHCVSS 8.8fixed in 10.0.19044.60932025-07-08
CVE-2025-47986 [HIGH] CWE-416 CVE-2025-47986: Use after free in Universal Print Management Service allows an authorized attacker to elevate privil
Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-58715P3HIGHCVSS 8.8fixed in 10.0.19044.64562025-10-14
CVE-2025-58715 [HIGH] CWE-190 CVE-2025-58715: Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate
Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-58716P3HIGHCVSS 8.8fixed in 10.0.19044.64562025-10-14
CVE-2025-58716 [HIGH] CWE-20 CVE-2025-58716: Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privi
Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
nvd