cbcvebase.

Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs
1,661
CISA KEV
59
actively exploited
Public exploits
42
Exploited in wild
71
Severity breakdown
CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

Page 29 of 84
CVE-2025-47159P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-47159 [HIGH] CWE-693 CVE-2025-47159: Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an author Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-20809P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.64912026-01-13
CVE-2026-20809 [HIGH] CWE-122 CVE-2026-20809: Time-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized atta Time-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-59290P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.59092025-10-14
CVE-2025-59290 [HIGH] CWE-416 CVE-2025-59290: Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges loca Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-54111P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.59092025-09-09
CVE-2025-54111 [HIGH] CWE-416 CVE-2025-54111: Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate pr Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-49660P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-49660 [HIGH] CWE-416 CVE-2025-49660: Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-49675P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-49675 [HIGH] CWE-416 CVE-2025-49675: Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-59514P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.61992025-11-11
CVE-2025-59514 [HIGH] CWE-269 CVE-2025-59514: Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevat Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-49726P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-49726 [HIGH] CWE-416 CVE-2025-49726: Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-24287P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.67832026-03-10
CVE-2026-24287 [HIGH] CWE-73 CVE-2026-24287: External control of file name or path in Windows Kernel allows an authorized attacker to elevate pri External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-64673P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.63452025-12-09
CVE-2025-64673 [HIGH] CWE-284 CVE-2025-64673: Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges lo Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-35415P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12
CVE-2026-35415 [HIGH] CWE-190 CVE-2026-35415: Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-32077P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14
CVE-2026-32077 [HIGH] CWE-822 CVE-2026-32077: Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an author Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-33098P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14
CVE-2026-33098 [HIGH] CWE-416 CVE-2026-33098: Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elev Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-45607P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.72192026-06-09
CVE-2026-45607 [HIGH] CWE-125 CVE-2026-45607: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
nvd
CVE-2026-27919P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14
CVE-2026-27919 [HIGH] CWE-822 CVE-2026-27919: Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an author Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-20877P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.64912026-01-13
CVE-2026-20877 [HIGH] CWE-362 CVE-2026-20877: Use after free in Windows Management Services allows an authorized attacker to elevate privileges lo Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-20924P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.64912026-01-13
CVE-2026-20924 [HIGH] CWE-362 CVE-2026-20924: Use after free in Windows Management Services allows an authorized attacker to elevate privileges lo Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-26687P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08
CVE-2025-26687 [HIGH] CWE-416 CVE-2025-26687: Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
nvd
CVE-2025-53150P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.60602025-10-14
CVE-2025-53150 [HIGH] CWE-362 CVE-2025-53150: Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-20858P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.64912026-01-13
CVE-2026-20858 [HIGH] CWE-362 CVE-2026-20858: Use after free in Windows Management Services allows an authorized attacker to elevate privileges lo Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
nvd
← Previous29 / 84Next →
Microsoft Windows 11 Version 23H2 vulnerabilities | cvebase