Microsoft Windows 10 21H2 vulnerabilities

CVE-2025-54111 [HIGH] CWE-416 CVE-2025-54111: Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate pr Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally.

CVE-2025-49660 [HIGH] CWE-416 CVE-2025-49660: Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

CVE-2025-49675 [HIGH] CWE-416 CVE-2025-49675: Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-59514 [HIGH] CWE-269 CVE-2025-59514: Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevat Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

CVE-2026-25189 [HIGH] CWE-416 CVE-2026-25189: Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges local Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2025-49726 [HIGH] CWE-416 CVE-2025-49726: Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

CVE-2026-24287 [HIGH] CWE-73 CVE-2026-24287: External control of file name or path in Windows Kernel allows an authorized attacker to elevate pri External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2025-64673 [HIGH] CWE-284 CVE-2025-64673: Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges lo Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-35415 [HIGH] CWE-190 CVE-2026-35415: Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.

CVE-2026-32077 [HIGH] CWE-822 CVE-2026-32077: Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an author Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

CVE-2026-33098 [HIGH] CWE-416 CVE-2026-33098: Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elev Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-45607 [HIGH] CWE-125 CVE-2026-45607: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

CVE-2026-27919 [HIGH] CWE-822 CVE-2026-27919: Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an author Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

CVE-2026-20877 [HIGH] CWE-362 CVE-2026-20877: Use after free in Windows Management Services allows an authorized attacker to elevate privileges lo Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20924 [HIGH] CWE-362 CVE-2026-20924: Use after free in Windows Management Services allows an authorized attacker to elevate privileges lo Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2025-26687 [HIGH] CWE-416 CVE-2025-26687: Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-53150 [HIGH] CWE-362 CVE-2025-53150: Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

CVE-2026-20858 [HIGH] CWE-362 CVE-2026-20858: Use after free in Windows Management Services allows an authorized attacker to elevate privileges lo Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2025-49665 [HIGH] CWE-362 CVE-2025-49665: Concurrent execution using shared resource with improper synchronization ('race condition') in Works Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

CVE-2025-54913 [HIGH] CWE-362 CVE-2025-54913: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows UI XAML Maps MapControlSettings allows an authorized attacker to elevate privileges locally.