Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs

1,661

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

SortPage 30 of 84

CVE-2025-49665P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08

CVE-2025-49665 [HIGH] CWE-362 CVE-2025-49665: Concurrent execution using shared resource with improper synchronization ('race condition') in Works Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-54913P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.59092025-09-09

CVE-2025-54913 [HIGH] CWE-362 CVE-2025-54913: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows UI XAML Maps MapControlSettings allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-49733P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08

CVE-2025-49733 [HIGH] CWE-416 CVE-2025-49733: Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-49725P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08

CVE-2025-49725 [HIGH] CWE-416 CVE-2025-49725: Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-59192P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.60602025-10-14

CVE-2025-59192 [HIGH] CWE-126 CVE-2025-59192: Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-33828P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-33828 [HIGH] CWE-501 CVE-2026-33828: Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-32155P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-32155 [HIGH] CWE-416 CVE-2026-32155: Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-32074P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-32074 [HIGH] CWE-415 CVE-2026-32074: Double free in Windows Projected File System allows an authorized attacker to elevate privileges loc Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-32078P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-32078 [HIGH] CWE-416 CVE-2026-32078: Use after free in Windows Projected File System allows an authorized attacker to elevate privileges Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-32069P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-32069 [HIGH] CWE-415 CVE-2026-32069: Double free in Windows Projected File System allows an authorized attacker to elevate privileges loc Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-34338P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12

CVE-2026-34338 [HIGH] CWE-416 CVE-2026-34338: Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges loca Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-40382P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12

CVE-2026-40382 [HIGH] CWE-416 CVE-2026-40382: Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges loca Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-59278P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.60602025-10-14

CVE-2025-59278 [HIGH] CWE-1287 CVE-2025-59278: Improper validation of specified type of input in Windows Authentication Methods allows an authorize Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-59275P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.60602025-10-14

CVE-2025-59275 [HIGH] CWE-122 CVE-2025-59275: Improper validation of specified type of input in Windows Authentication Methods allows an authorize Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-32089P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-32089 [HIGH] CWE-362 CVE-2026-32089: Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges lo Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-27916P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-27916 [HIGH] CWE-416 CVE-2026-27916: Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker t Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-64661P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.63452025-12-09

CVE-2025-64661 [HIGH] CWE-362 CVE-2025-64661: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-45637P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-45637 [HIGH] CWE-416 CVE-2026-45637: Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges local Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-45605P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-45605 [HIGH] CWE-416 CVE-2026-45605: Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges loca Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-45638P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.72192026-06-09

CVE-2026-45638 [HIGH] CWE-122 CVE-2026-45638: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

← Previous30 / 84Next →