Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs

1,661

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

SortPage 27 of 84

CVE-2024-38141P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.40372024-08-13

CVE-2024-38141 [HIGH] CWE-416 CVE-2024-38141: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

nvd

CVE-2024-43560P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.43172024-10-08

CVE-2024-43560 [HIGH] CWE-122 CVE-2024-43560: Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability

nvd

CVE-2025-21292P3HIGHCVSS 8.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21292 [HIGH] CWE-94 CVE-2025-21292: Windows Search Service Elevation of Privilege Vulnerability Windows Search Service Elevation of Privilege Vulnerability

nvd

CVE-2025-27737P3HIGHCVSS 8.6≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-27737 [HIGH] CWE-20 CVE-2025-27737: Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally.

nvd

CVE-2025-48822P3HIGHCVSS 8.6≥ 10.0.22631.0, < 10.0.22631.56242025-07-08

CVE-2025-48822 [HIGH] CWE-125 CVE-2025-48822: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

nvd

CVE-2025-24052P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.60602025-10-14

CVE-2025-24052 [HIGH] CWE-121 CVE-2025-24052: Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Window

nvd

CVE-2025-21299P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21299 [HIGH] CWE-922 CVE-2025-21299: Windows Kerberos Security Feature Bypass Vulnerability Windows Kerberos Security Feature Bypass Vulnerability

nvd

CVE-2025-33067P3HIGHCVSS 8.4≥ 10.0.22631.0, < 10.0.22631.54722025-06-10

CVE-2025-33067 [HIGH] CWE-269 CVE-2025-33067: Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privilege Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

nvd

CVE-2025-26673P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-26673 [HIGH] CWE-400 CVE-2025-26673: Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

nvd

CVE-2025-27469P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-27469 [HIGH] CWE-400 CVE-2025-27469: Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

nvd

CVE-2025-26641P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-26641 [HIGH] CWE-400 CVE-2025-26641: Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.

nvd

CVE-2025-21389P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21389 [HIGH] CWE-400 CVE-2025-21389: Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an un Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network.

nvd

CVE-2025-48799P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08

CVE-2025-48799 [HIGH] CWE-59 CVE-2025-48799: Improper link resolution before file access ('link following') in Windows Update Service allows an a Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-47955P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.53352025-06-10

CVE-2025-47955 [HIGH] CWE-269 CVE-2025-47955: Improper privilege management in Windows Remote Access Connection Manager allows an authorized attac Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

nvd

CVE-2024-30015P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.35932024-05-14

CVE-2024-30015 [HIGH] CWE-197 CVE-2024-30015: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

nvd

CVE-2024-30029P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.35932024-05-14

CVE-2024-30029 [HIGH] CWE-197 CVE-2024-30029: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

nvd

CVE-2024-30014P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.35932024-05-14

CVE-2024-30014 [HIGH] CWE-197 CVE-2024-30014: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

nvd

CVE-2025-26686P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-26686 [HIGH] CWE-591 CVE-2025-26686: Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

nvd

CVE-2024-21347P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.31552024-02-13

CVE-2024-21347 [HIGH] CWE-122 CVE-2024-21347: Microsoft ODBC Driver Remote Code Execution Vulnerability Microsoft ODBC Driver Remote Code Execution Vulnerability

nvd

CVE-2026-20846P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.66492026-02-10

CVE-2026-20846 [HIGH] CWE-126 CVE-2026-20846: Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network.

nvd

← Previous27 / 84Next →