cbcvebase.

Microsoft Windows 10 21H2 vulnerabilities

1,827 known vulnerabilities affecting microsoft/windows_10_21h2.

Total CVEs
1,827
CISA KEV
87
actively exploited
Public exploits
54
Exploited in wild
97
Severity breakdown
CRITICAL44HIGH1303MEDIUM473LOW7

Vulnerabilities

Page 24 of 92
CVE-2025-54098P3HIGHCVSS 7.8fixed in 10.0.19044.63322025-09-09
CVE-2025-54098 [HIGH] CWE-284 CVE-2025-54098: Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges local Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-60705P3HIGHCVSS 7.8fixed in 10.0.19044.65752025-11-11
CVE-2025-60705 [HIGH] CWE-284 CVE-2025-60705: Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker t Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-59517P3HIGHCVSS 7.8fixed in 10.0.19044.66912025-12-09
CVE-2025-59517 [HIGH] CWE-284 CVE-2025-59517: Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privi Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
nvd
CVE-2024-30089P3HIGHCVSS 7.8fixed in 10.0.19044.45292024-06-11
CVE-2024-30089 [HIGH] CWE-416 CVE-2024-30089: Microsoft Streaming Service Elevation of Privilege Vulnerability Microsoft Streaming Service Elevation of Privilege Vulnerability
nvd
CVE-2023-41773P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41773 [HIGH] CWE-416 CVE-2023-41773: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41774P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41774 [HIGH] CWE-416 CVE-2023-41774: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41767P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41767 [HIGH] CWE-416 CVE-2023-41767: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-38166P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-38166 [HIGH] CWE-416 CVE-2023-38166: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41768P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41768 [HIGH] CWE-416 CVE-2023-41768: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41771P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41771 [HIGH] CWE-416 CVE-2023-41771: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41765P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41765 [HIGH] CWE-416 CVE-2023-41765: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41769P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41769 [HIGH] CWE-416 CVE-2023-41769: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41770P3HIGHCVSS 8.1fixed in 10.0.19041.35702023-10-10
CVE-2023-41770 [HIGH] CWE-416 CVE-2023-41770: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-35297P3HIGHCVSS 8.1fixed in 10.0.19041.32082023-07-11
CVE-2023-35297 [HIGH] CWE-843 CVE-2023-35297: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
nvd
CVE-2023-28283P3HIGHCVSS 8.1fixed in 10.0.19044.29652023-05-09
CVE-2023-28283 [HIGH] CWE-591 CVE-2023-28283: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
nvd
CVE-2026-42905P3HIGHCVSS 7.8fixed in 10.0.19044.74172026-06-09
CVE-2026-42905 [HIGH] CWE-416 CVE-2026-42905: Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges local Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-20940P3HIGHCVSS 7.8fixed in 10.0.19044.68092026-01-13
CVE-2026-20940 [HIGH] CWE-822 CVE-2026-20940: Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker t Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-26128P3HIGHCVSS 7.8fixed in 10.0.19044.70582026-03-10
CVE-2026-26128 [HIGH] CWE-287 CVE-2026-26128: Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges lo Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-53155P3HIGHCVSS 7.8fixed in 10.0.19044.62162025-08-12
CVE-2025-53155 [HIGH] CWE-122 CVE-2025-53155: Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges lo Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-21246P3HIGHCVSS 7.8fixed in 10.0.19044.69372026-02-10
CVE-2026-21246 [HIGH] CWE-122 CVE-2026-21246: Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
nvd
← Previous24 / 92Next →
Microsoft Windows 10 21H2 vulnerabilities | cvebase