
Microsoft Windows 10 21H2 vulnerabilities

1,827 known vulnerabilities affecting microsoft/windows_10_21h2.

Total CVEs: 1,827
CISA KEV: 87 (actively exploited)
Public exploits: 54
Exploited in wild: 97
Severity breakdown: CRITICAL 44, HIGH 1303, MEDIUM 473, LOW 7

Vulnerabilities

Page 49 of 92
CVE-2026-48570 | P3 | HIGH | CVSS 7.9 | fixed in 10.0.19044.7417 | 2026-06-09
CVE-2026-48570 [HIGH] CWE-693: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2026-48568 | P3 | HIGH | CVSS 7.9 | fixed in 10.0.19044.7417 | 2026-06-09
CVE-2026-48568 [HIGH] CWE-693: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2026-45588 | P3 | HIGH | CVSS 7.9 | fixed in 10.0.19044.7417 | 2026-06-09
CVE-2026-45588 [HIGH] CWE-693: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2026-48578 | P3 | HIGH | CVSS 7.9 | fixed in 10.0.19044.7417 | 2026-06-09
CVE-2026-48578 [HIGH] CWE-284: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2025-47973 | P3 | HIGH | CVSS 7.8 | fixed in 10.0.19044.6093 | 2025-07-08
CVE-2025-47973 [HIGH] CWE-126: Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
nvd
CVE-2025-47971 | P3 | HIGH | CVSS 7.8 | fixed in 10.0.19044.6093 | 2025-07-08
CVE-2025-47971 [HIGH] CWE-126: Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
nvd
CVE-2024-49046 | P3 | HIGH | CVSS 7.8 | fixed in 10.0.19044.5131 | 2024-11-12
CVE-2024-49046 [HIGH] CWE-367: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
nvd
CVE-2025-21325 | P3 | HIGH | CVSS 7.8 | fixed in 10.0.19044.5371 | 2025-01-17
CVE-2025-21325 [HIGH] CWE-732: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
nvd
CVE-2025-54894 | P3 | HIGH | CVSS 7.8 | fixed in 10.0.19044.6332 | 2025-09-09
CVE-2025-54894 [HIGH] CWE-122: Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
nvd
CVE-2023-29335 | P3 | HIGH | CVSS 7.5 | fixed in 10.0.19044.2965 | 2023-05-09
CVE-2023-29335 [HIGH] CWE-20: Microsoft Word Security Feature Bypass Vulnerability
nvd
CVE-2023-21801 | P3 | HIGH | CVSS 7.8 | fixed in 10.0.19044.2604 | 2023-02-14
CVE-2023-21801 [HIGH]: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
nvd
CVE-2024-26228 | P3 | HIGH | CVSS 7.8 | fixed in 10.0.19044.4291 | 2024-04-09
CVE-2024-26228 [HIGH] CWE-310: Windows Cryptographic Services Security Feature Bypass Vulnerability
nvd
CVE-2025-47985 | P3 | HIGH | CVSS 7.8 | fixed in 10.0.19044.6093 | 2025-07-08
CVE-2025-47985 [HIGH] CWE-822: Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-32071 | P3 | HIGH | CVSS 7.5 | fixed in 10.0.19044.7184 | 2026-04-14
CVE-2026-32071 [HIGH] CWE-476: Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
nvd
CVE-2026-35416 | P3 | HIGH | CVSS 7.0 | fixed in 10.0.19044.7291 | 2026-05-12
CVE-2026-35416 [HIGH] CWE-416: Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-29842 | P3 | HIGH | CVSS 7.5 | fixed in 10.0.19044.5854 | 2025-05-13
CVE-2025-29842 [HIGH] CWE-349: Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.
nvd
CVE-2026-27908 | P3 | HIGH | CVSS 7.0 | fixed in 10.0.19044.7184 | 2026-04-14
CVE-2026-27908 [HIGH] CWE-416: Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-27738 | P3 | MEDIUM | CVSS 6.5 | fixed in 10.0.19044.5737 | 2025-04-08
CVE-2025-27738 [MEDIUM] CWE-284: Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.
nvd
CVE-2025-50159 | P3 | HIGH | CVSS 7.3 | fixed in 10.0.19044.6216 | 2025-08-12
CVE-2025-50159 [HIGH] CWE-416: Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-54116 | P3 | HIGH | CVSS 7.3 | fixed in 10.0.19044.6332 | 2025-09-09
CVE-2025-54116 [HIGH] CWE-284: Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally.
nvd