Microsoft Windows 11 Version 23H2 vulnerabilities

1,660 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs

1,660

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL25HIGH1170MEDIUM457LOW8

Vulnerabilities

SortPage 17 of 83

CVE-2025-24035P3HIGHCVSS 8.1≥ 10.0.22631.0, < 10.0.22631.50392025-03-11

CVE-2025-24035 [HIGH] CWE-591 CVE-2025-24035: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unau Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

nvd

CVE-2024-38049P3HIGHCVSS 8.1≥ 10.0.22631.0, < 10.0.22631.38802024-07-09

CVE-2024-38049 [HIGH] CWE-73 CVE-2024-38049: Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability

nvd

CVE-2025-21295P3HIGHCVSS 8.1≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21295 [HIGH] CWE-416 CVE-2025-21295: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

nvd

CVE-2026-45586P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-45586 [HIGH] CWE-59 CVE-2026-45586: Improper link resolution before file access ('link following') in Windows Collaborative Translation Improper link resolution before file access ('link following') in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally.

nvd

CVE-2024-49118P3HIGHCVSS 8.1≥ 10.0.22631.0, < 10.0.22631.46022024-12-12

CVE-2024-49118 [HIGH] CWE-416 CVE-2024-49118: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

nvd

CVE-2026-20925P3MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.64912026-01-13

CVE-2026-20925 [MEDIUM] CWE-73 CVE-2026-20925: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spo External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

nvd

CVE-2026-26132P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.67832026-03-10

CVE-2026-26132 [HIGH] CWE-416 CVE-2026-26132: Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-25172P3HIGHCVSS 8.0≥ 10.0.22631.0, < 10.0.22631.67832026-03-10

CVE-2026-25172 [HIGH] CWE-122 CVE-2026-25172: Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authori Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

nvd

CVE-2026-25173P3HIGHCVSS 8.0≥ 10.0.22631.0, < 10.0.22631.67832026-03-10

CVE-2026-25173 [HIGH] CWE-122 CVE-2026-25173: Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authori Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

nvd

CVE-2026-26111P3HIGHCVSS 8.0≥ 10.0.22631.0, < 10.0.22631.67832026-03-10

CVE-2026-26111 [HIGH] CWE-122 CVE-2026-26111: Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authori Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

nvd

CVE-2026-42981P3HIGHCVSS 8.1≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-42981 [HIGH] CWE-191 CVE-2026-42981: Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacke Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

nvd

CVE-2026-42974P3HIGHCVSS 8.1≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-42974 [HIGH] CWE-190 CVE-2026-42974: Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacke Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

nvd

CVE-2026-20922P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.64912026-01-13

CVE-2026-20922 [HIGH] CWE-122 CVE-2026-20922: Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

nvd

CVE-2026-20840P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.64912026-01-13

CVE-2026-20840 [HIGH] CWE-122 CVE-2026-20840: Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

nvd

CVE-2026-23674P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.67832026-03-10

CVE-2026-23674 [HIGH] CWE-41 CVE-2026-23674: Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to b Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

nvd

CVE-2026-20929P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.64912026-01-13

CVE-2026-20929 [HIGH] CWE-284 CVE-2026-20929: Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.

nvd

CVE-2025-48814P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.56242025-07-08

CVE-2025-48814 [HIGH] CWE-306 CVE-2025-48814: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an u Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.

nvd

CVE-2024-26158P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.34472024-04-09

CVE-2024-26158 [HIGH] CWE-59 CVE-2024-26158: Microsoft Install Service Elevation of Privilege Vulnerability Microsoft Install Service Elevation of Privilege Vulnerability

nvd

CVE-2026-20849P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.64912026-01-13

CVE-2026-20849 [HIGH] CWE-807 CVE-2026-20849: Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacke Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.

nvd

CVE-2024-38180P3HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.40372024-08-13

CVE-2024-38180 [HIGH] CWE-693 CVE-2024-38180: Windows SmartScreen Security Feature Bypass Vulnerability Windows SmartScreen Security Feature Bypass Vulnerability

nvd

← Previous17 / 83Next →