Microsoft Windows 11 Version 23H2 vulnerabilities
1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.
Total CVEs
1,661
CISA KEV
59
actively exploited
Public exploits
42
Exploited in wild
71
Severity breakdown
CRITICAL25HIGH1170MEDIUM458LOW8
Vulnerabilities
Page 43 of 84
CVE-2024-43640P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43640 [HIGH] CWE-415 CVE-2024-43640: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
nvd
CVE-2025-21378P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21378 [HIGH] CWE-122 CVE-2025-21378: Windows CSC Service Elevation of Privilege Vulnerability
Windows CSC Service Elevation of Privilege Vulnerability
nvd
CVE-2025-21343P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21343 [HIGH] CWE-269 CVE-2025-21343: Windows Web Threat Defense User Service Information Disclosure Vulnerability
Windows Web Threat Defense User Service Information Disclosure Vulnerability
nvd
CVE-2024-43644P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43644 [HIGH] CWE-125 CVE-2024-43644: Windows Client-Side Caching Elevation of Privilege Vulnerability
Windows Client-Side Caching Elevation of Privilege Vulnerability
nvd
CVE-2024-43646P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43646 [HIGH] CWE-822 CVE-2024-43646: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
nvd
CVE-2024-43631P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43631 [HIGH] CWE-822 CVE-2024-43631: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
nvd
CVE-2024-43528P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.44602024-10-08
CVE-2024-43528 [HIGH] CWE-122 CVE-2024-43528: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
nvd
CVE-2025-27739P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.51892025-04-08
CVE-2025-27739 [HIGH] CWE-822 CVE-2025-27739: Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
nvd
CVE-2026-25190P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.67832026-03-10
CVE-2026-25190 [HIGH] CWE-426 CVE-2026-25190: Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.
nvd
CVE-2026-48575P3HIGHCVSS 7.9≥ 10.0.22631.0, < 10.0.22631.72192026-06-09
CVE-2026-48575 [HIGH] CWE-693 CVE-2026-48575: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2026-48570P3HIGHCVSS 7.9≥ 10.0.22631.0, < 10.0.22631.72192026-06-09
CVE-2026-48570 [HIGH] CWE-693 CVE-2026-48570: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2026-48568P3HIGHCVSS 7.9≥ 10.0.22631.0, < 10.0.22631.72192026-06-09
CVE-2026-48568 [HIGH] CWE-693 CVE-2026-48568: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2026-45588P3HIGHCVSS 7.9≥ 10.0.22631.0, < 10.0.22631.72192026-06-09
CVE-2026-45588 [HIGH] CWE-693 CVE-2026-45588: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2026-48578P3HIGHCVSS 7.9≥ 10.0.22631.0, < 10.0.22631.72192026-06-09
CVE-2026-48578 [HIGH] CWE-284 CVE-2026-48578: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
nvd
CVE-2025-47973P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-47973 [HIGH] CWE-126 CVE-2025-47973: Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges l
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
nvd
CVE-2025-47971P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-47971 [HIGH] CWE-126 CVE-2025-47971: Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges l
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
nvd
CVE-2024-49046P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-49046 [HIGH] CWE-367 CVE-2024-49046: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
nvd
CVE-2025-21325P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.47512025-01-17
CVE-2025-21325 [HIGH] CWE-732 CVE-2025-21325: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
nvd
CVE-2025-54894P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.59092025-09-09
CVE-2025-54894 [HIGH] CWE-122 CVE-2025-54894: Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
nvd
CVE-2024-26228P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.34472024-04-09
CVE-2024-26228 [HIGH] CWE-310 CVE-2024-26228: Windows Cryptographic Services Security Feature Bypass Vulnerability
Windows Cryptographic Services Security Feature Bypass Vulnerability
nvd