Microsoft Windows 11 Version 22H3 vulnerabilities

1,502 known vulnerabilities affecting microsoft/windows_11_version_22h3.

Total CVEs

1,502

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL18HIGH1048MEDIUM429LOW7

Vulnerabilities

Page 39 of 76

CVE-2025-21247MEDIUMCVSS 4.3≥ 10.0.22631.0, < 10.0.22631.50392025-03-11

CVE-2025-21247 [MEDIUM] CWE-41 CVE-2025-21247: Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to b Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

nvd

CVE-2025-24984MEDIUMCVSS 4.6KEV≥ 10.0.22631.0, < 10.0.22631.50392025-03-11

CVE-2025-24984 [MEDIUM] CWE-532 CVE-2025-24984: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

nvd

CVE-2025-24071MEDIUMCVSS 6.5PoC≥ 10.0.22631.0, < 10.0.22631.50392025-03-11

CVE-2025-24071 [MEDIUM] CWE-200 CVE-2025-24071: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauth Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

nvd

CVE-2025-24988MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.50392025-03-11

CVE-2025-24988 [MEDIUM] CWE-125 CVE-2025-24988: Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges w Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

nvd

CVE-2025-24996MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.50392025-03-11

CVE-2025-24996 [MEDIUM] CWE-73 CVE-2025-24996: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spo External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

nvd

CVE-2025-21407HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21407 [HIGH] CWE-122 CVE-2025-21407: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21359HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21359 [HIGH] CWE-284 CVE-2025-21359: Windows Kernel Security Feature Bypass Vulnerability Windows Kernel Security Feature Bypass Vulnerability

nvd

CVE-2025-21414HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21414 [HIGH] CWE-122 CVE-2025-21414: Windows Core Messaging Elevation of Privileges Vulnerability Windows Core Messaging Elevation of Privileges Vulnerability

nvd

CVE-2025-21367HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21367 [HIGH] CWE-416 CVE-2025-21367: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

nvd

CVE-2025-21369HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21369 [HIGH] CWE-122 CVE-2025-21369: Microsoft Digest Authentication Remote Code Execution Vulnerability Microsoft Digest Authentication Remote Code Execution Vulnerability

nvd

CVE-2025-21406HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21406 [HIGH] CWE-416 CVE-2025-21406: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21373HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21373 [HIGH] CWE-59 CVE-2025-21373: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

nvd

CVE-2025-21376HIGHCVSS 8.1≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21376 [HIGH] CWE-122 CVE-2025-21376: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

nvd

CVE-2025-21368HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21368 [HIGH] CWE-122 CVE-2025-21368: Microsoft Digest Authentication Remote Code Execution Vulnerability Microsoft Digest Authentication Remote Code Execution Vulnerability

nvd

CVE-2025-21190HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21190 [HIGH] CWE-122 CVE-2025-21190: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21358HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21358 [HIGH] CWE-822 CVE-2025-21358: Windows Core Messaging Elevation of Privileges Vulnerability Windows Core Messaging Elevation of Privileges Vulnerability

nvd

CVE-2025-21375HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21375 [HIGH] CWE-20 CVE-2025-21375: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

nvd

CVE-2025-21419HIGHCVSS 7.1≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21419 [HIGH] CWE-59 CVE-2025-21419: Windows Setup Files Cleanup Elevation of Privilege Vulnerability Windows Setup Files Cleanup Elevation of Privilege Vulnerability

nvd

CVE-2025-21181HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21181 [HIGH] CWE-400 CVE-2025-21181: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

CVE-2025-21391HIGHCVSS 7.1KEV≥ 10.0.22631.0, < 10.0.22631.48902025-02-11

CVE-2025-21391 [HIGH] CWE-59 CVE-2025-21391: Windows Storage Elevation of Privilege Vulnerability Windows Storage Elevation of Privilege Vulnerability

nvd

← Previous39 / 76Next →