Microsoft Windows 10 21H2 vulnerabilities
1,827 known vulnerabilities affecting microsoft/windows_10_21h2.
Total CVEs
1,827
CISA KEV
87
actively exploited
Public exploits
54
Exploited in wild
97
Severity breakdown
CRITICAL44HIGH1303MEDIUM473LOW7
Vulnerabilities
Page 77 of 92
CVE-2024-49111P4MEDIUMCVSS 6.6fixed in 10.0.19044.52472024-12-12
CVE-2024-49111 [MEDIUM] CWE-125 CVE-2024-49111: Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
nvd
CVE-2026-45608P4MEDIUMCVSS 6.8fixed in 10.0.19044.74172026-06-09
CVE-2026-45608 [MEDIUM] CWE-125 CVE-2026-45608: Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information loca
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally.
nvd
CVE-2024-21316P4MEDIUMCVSS 6.1fixed in 10.0.19044.39302024-01-09
CVE-2024-21316 [MEDIUM] CWE-20 CVE-2024-21316: Windows Server Key Distribution Service Security Feature Bypass
Windows Server Key Distribution Service Security Feature Bypass
nvd
CVE-2025-47980P4MEDIUMCVSS 6.2fixed in 10.0.19044.60932025-07-08
CVE-2025-47980 [MEDIUM] CWE-200 CVE-2025-47980: Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an un
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
nvd
CVE-2025-27735P4MEDIUMCVSS 6.0fixed in 10.0.19044.57372025-04-08
CVE-2025-27735 [MEDIUM] CWE-345 CVE-2025-27735: Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclav
Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2026-42915P4MEDIUMCVSS 5.7fixed in 10.0.19044.74172026-06-09
CVE-2026-42915 [MEDIUM] CWE-131 CVE-2026-42915: Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny servi
Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service over an adjacent network.
nvd
CVE-2026-20839P4MEDIUMCVSS 5.5fixed in 10.0.19044.68092026-01-13
CVE-2026-20839 [MEDIUM] CWE-284 CVE-2026-20839: Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker t
Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally.
nvd
CVE-2025-55229P4MEDIUMCVSS 5.3fixed in 10.0.19044.58542025-08-21
CVE-2025-55229 [MEDIUM] CWE-347 CVE-2025-55229: Improper verification of cryptographic signature in Windows Certificates allows an unauthorized atta
Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.
nvd
CVE-2026-40401P4HIGHCVSS 7.1fixed in 10.0.19044.72912026-05-12
CVE-2026-40401 [HIGH] CWE-476 CVE-2026-40401: Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally.
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally.
nvd
CVE-2024-49110P4MEDIUMCVSS 6.8fixed in 10.0.19044.52472024-12-12
CVE-2024-49110 [MEDIUM] CWE-125 CVE-2024-49110: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49073P4MEDIUMCVSS 6.8fixed in 10.0.19044.52472024-12-12
CVE-2024-49073 [MEDIUM] CWE-20 CVE-2024-49073: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49077P4MEDIUMCVSS 6.8fixed in 10.0.19044.52472024-12-12
CVE-2024-49077 [MEDIUM] CWE-125 CVE-2024-49077: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49078P4MEDIUMCVSS 6.8fixed in 10.0.19044.52472024-12-12
CVE-2024-49078 [MEDIUM] CWE-125 CVE-2024-49078: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49083P4MEDIUMCVSS 6.8fixed in 10.0.19044.52472024-12-12
CVE-2024-49083 [MEDIUM] CWE-125 CVE-2024-49083: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49092P4MEDIUMCVSS 6.8fixed in 10.0.19044.52472024-12-12
CVE-2024-49092 [MEDIUM] CWE-125 CVE-2024-49092: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43634P4MEDIUMCVSS 6.8fixed in 10.0.19044.51312024-11-12
CVE-2024-43634 [MEDIUM] CWE-125 CVE-2024-43634: Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43449P4MEDIUMCVSS 6.8fixed in 10.0.19044.51312024-11-12
CVE-2024-43449 [MEDIUM] CWE-125 CVE-2024-43449: Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43637P4MEDIUMCVSS 6.8fixed in 10.0.19044.51312024-11-12
CVE-2024-43637 [MEDIUM] CWE-125 CVE-2024-43637: Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43638P4MEDIUMCVSS 6.8fixed in 10.0.19044.51312024-11-12
CVE-2024-43638 [MEDIUM] CWE-125 CVE-2024-43638: Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43643P4MEDIUMCVSS 6.8fixed in 10.0.19044.51312024-11-12
CVE-2024-43643 [MEDIUM] CWE-125 CVE-2024-43643: Windows USB Video Class System Driver Elevation of Privilege Vulnerability
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd