Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs

1,661

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

SortPage 21 of 84

CVE-2026-27909P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-27909 [HIGH] CWE-416 CVE-2026-27909: Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privil Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-54100P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.63452025-12-09

CVE-2025-54100 [HIGH] CWE-77 CVE-2025-54100: Improper neutralization of special elements used in a command ('command injection') in Windows Power Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.

nvd

CVE-2024-26208P3HIGHCVSS 7.2≥ 10.0.22631.0, < 10.0.22631.34472024-04-09

CVE-2024-26208 [HIGH] CWE-191 CVE-2024-26208: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

nvd

CVE-2026-20837P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.64912026-01-13

CVE-2026-20837 [HIGH] CWE-122 CVE-2026-20837: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.

nvd

CVE-2025-26688P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-26688 [HIGH] CWE-121 CVE-2025-26688: Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally.

nvd

CVE-2024-49089P3HIGHCVSS 7.2≥ 10.0.22631.0, < 10.0.22631.46022024-12-12

CVE-2024-49089 [HIGH] CWE-122 CVE-2024-49089: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

nvd

CVE-2025-62470P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.63452025-12-09

CVE-2025-62470 [HIGH] CWE-122 CVE-2025-62470: Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-64679P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.60602025-12-09

CVE-2025-64679 [HIGH] CWE-122 CVE-2025-64679: Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate priv Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

nvd

CVE-2024-26170P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.32962024-03-12

CVE-2024-26170 [HIGH] CWE-20 CVE-2024-26170: Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability

nvd

CVE-2025-59255P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.60602025-10-14

CVE-2025-59255 [HIGH] CWE-122 CVE-2025-59255: Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate priv Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-64680P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.60602025-12-09

CVE-2025-64680 [HIGH] CWE-122 CVE-2025-64680: Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate priv Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-48574P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-48574 [HIGH] CWE-122 CVE-2026-48574: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.

nvd

CVE-2025-53789P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22621.56242025-08-12

CVE-2025-53789 [HIGH] CWE-306 CVE-2025-53789: Missing authentication for critical function in Windows StateRepository API allows an authorized att Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-34343P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12

CVE-2026-34343 [HIGH] CWE-122 CVE-2026-34343: Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized at Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-26668P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-26668 [HIGH] CWE-122 CVE-2025-26668: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

nvd

CVE-2026-40397P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12

CVE-2026-40397 [HIGH] CWE-191 CVE-2026-40397: Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-26160P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-26160 [HIGH] CWE-306 CVE-2026-26160: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an a Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-49160P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-49160 [HIGH] CWE-400 CVE-2026-49160: Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a n Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network.

nvd

CVE-2025-55326P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.60602025-10-14

CVE-2025-55326 [HIGH] CWE-416 CVE-2025-55326: Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to exe Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code over a network.

nvd

CVE-2024-38244P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.41692024-09-10

CVE-2024-38244 [HIGH] CWE-20 CVE-2024-38244: Kernel Streaming Service Driver Elevation of Privilege Vulnerability Kernel Streaming Service Driver Elevation of Privilege Vulnerability

nvd

← Previous21 / 84Next →