Microsoft Windows 11 Version 23H2 vulnerabilities

CVE-2025-60709 [HIGH] CWE-125 CVE-2025-60709: Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-24046 [HIGH] CWE-416 CVE-2025-24046: Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges lo Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

CVE-2025-49667 [HIGH] CWE-415 CVE-2025-49667: Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2025-49721 [HIGH] CWE-122 CVE-2025-49721: Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate pri Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

CVE-2026-20832 [HIGH] CWE-415 CVE-2026-20832: Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerabili Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability

CVE-2026-20857 [HIGH] CWE-822 CVE-2026-20857: Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacke Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-53800 [HIGH] CWE-1419 CVE-2025-53800: No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privi No cwe for this issue in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CVE-2025-32712 [HIGH] CWE-416 CVE-2025-32712: Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2025-54091 [HIGH] CWE-122 CVE-2025-54091: Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privilege Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

CVE-2025-48820 [HIGH] CWE-59 CVE-2025-48820: Improper link resolution before file access ('link following') in Windows AppX Deployment Service al Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.

CVE-2026-33838 [HIGH] CWE-415 CVE-2026-33838: Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally. Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

CVE-2026-20822 [HIGH] CWE-416 CVE-2026-20822: Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges l Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CVE-2025-59207 [HIGH] CWE-20 CVE-2025-59207: Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2025-55339 [HIGH] CWE-125 CVE-2025-55339: Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally. Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally.

CVE-2026-23673 [HIGH] CWE-125 CVE-2026-23673: Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.

CVE-2025-47976 [HIGH] CWE-416 CVE-2025-47976: Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

CVE-2025-55701 [HIGH] CWE-1287 CVE-2025-55701: Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally.

CVE-2025-50170 [HIGH] CWE-280 CVE-2025-50170: Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Drive Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-47982 [HIGH] CWE-20 CVE-2025-47982: Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate pri Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-49693 [HIGH] CWE-415 CVE-2025-49693: Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges l Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.