Microsoft Windows 11 24H2 vulnerabilities

1,030 known vulnerabilities affecting microsoft/windows_11_24h2.

Total CVEs

1,030

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL14HIGH716MEDIUM296LOW4

Vulnerabilities

Page 40 of 52

CVE-2025-21207HIGHCVSS 7.5fixed in 10.0.26100.28942025-01-14

CVE-2025-21207 [HIGH] CWE-400 CVE-2025-21207: Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability

nvd

CVE-2025-21243HIGHCVSS 8.8fixed in 10.0.26100.28942025-01-14

CVE-2025-21243 [HIGH] CWE-190 CVE-2025-21243: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21238HIGHCVSS 8.8fixed in 10.0.26100.28942025-01-14

CVE-2025-21238 [HIGH] CWE-122 CVE-2025-21238: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21306HIGHCVSS 8.8fixed in 10.0.26100.28942025-01-14

CVE-2025-21306 [HIGH] CWE-122 CVE-2025-21306: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21248HIGHCVSS 8.8fixed in 10.0.26100.28942025-01-14

CVE-2025-21248 [HIGH] CWE-122 CVE-2025-21248: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21223HIGHCVSS 8.8fixed in 10.0.26100.28942025-01-14

CVE-2025-21223 [HIGH] CWE-122 CVE-2025-21223: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21285HIGHCVSS 7.5fixed in 10.0.26100.28942025-01-14

CVE-2025-21285 [HIGH] CWE-476 CVE-2025-21285: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

CVE-2025-21233HIGHCVSS 8.8fixed in 10.0.26100.28942025-01-14

CVE-2025-21233 [HIGH] CWE-122 CVE-2025-21233: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21246HIGHCVSS 8.8fixed in 10.0.26100.28942025-01-14

CVE-2025-21246 [HIGH] CWE-122 CVE-2025-21246: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21214MEDIUMCVSS 4.2fixed in 10.0.26100.28942025-01-14

CVE-2025-21214 [MEDIUM] CWE-200 CVE-2025-21214: Windows BitLocker Information Disclosure Vulnerability Windows BitLocker Information Disclosure Vulnerability

nvd

CVE-2025-21313MEDIUMCVSS 6.5fixed in 10.0.26100.28942025-01-14

CVE-2025-21313 [MEDIUM] CWE-833 CVE-2025-21313: Windows Security Account Manager (SAM) Denial of Service Vulnerability Windows Security Account Manager (SAM) Denial of Service Vulnerability

nvd

CVE-2025-21317MEDIUMCVSS 5.5fixed in 10.0.26100.28942025-01-14

CVE-2025-21317 [MEDIUM] CWE-532 CVE-2025-21317: Windows Kernel Memory Information Disclosure Vulnerability Windows Kernel Memory Information Disclosure Vulnerability

nvd

CVE-2025-21341MEDIUMCVSS 6.6fixed in 10.0.26100.28942025-01-14

CVE-2025-21341 [MEDIUM] CWE-125 CVE-2025-21341: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21340MEDIUMCVSS 5.5fixed in 10.0.26100.28942025-01-14

CVE-2025-21340 [MEDIUM] CWE-284 CVE-2025-21340: Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

nvd

CVE-2025-21189MEDIUMCVSS 4.3fixed in 10.0.26100.28942025-01-14

CVE-2025-21189 [MEDIUM] CWE-41 CVE-2025-21189: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability

nvd

CVE-2025-21328MEDIUMCVSS 4.3fixed in 10.0.26100.28942025-01-14

CVE-2025-21328 [MEDIUM] CWE-41 CVE-2025-21328: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability

nvd

CVE-2025-21260MEDIUMCVSS 6.6fixed in 10.0.26100.28942025-01-14

CVE-2025-21260 [MEDIUM] CWE-125 CVE-2025-21260: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21256MEDIUMCVSS 6.6fixed in 10.0.26100.28942025-01-14

CVE-2025-21256 [MEDIUM] CWE-122 CVE-2025-21256: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21202MEDIUMCVSS 6.1fixed in 10.0.26100.28942025-01-14

CVE-2025-21202 [MEDIUM] CWE-284 CVE-2025-21202: Windows Recovery Environment Agent Elevation of Privilege Vulnerability Windows Recovery Environment Agent Elevation of Privilege Vulnerability

nvd

CVE-2025-21321MEDIUMCVSS 5.5fixed in 10.0.26100.28942025-01-14

CVE-2025-21321 [MEDIUM] CWE-532 CVE-2025-21321: Windows Kernel Memory Information Disclosure Vulnerability Windows Kernel Memory Information Disclosure Vulnerability

nvd

← Previous40 / 52Next →