Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs

1,661

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

SortPage 44 of 84

CVE-2025-47985P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08

CVE-2025-47985 [HIGH] CWE-822 CVE-2025-47985: Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate priv Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-32071P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-32071 [HIGH] CWE-476 CVE-2026-32071: Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an una Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

nvd

CVE-2026-35416P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12

CVE-2026-35416 [HIGH] CWE-416 CVE-2026-35416: Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver f Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-29842P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.53352025-05-13

CVE-2025-29842 [HIGH] CWE-349 CVE-2025-29842: Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.

nvd

CVE-2026-27908P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-27908 [HIGH] CWE-416 CVE-2026-27908: Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-27738P3MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-27738 [MEDIUM] CWE-284 CVE-2025-27738: Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to dis Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

nvd

CVE-2025-50159P3HIGHCVSS 7.3≥ 10.0.22631.0, < 10.0.22631.57682025-08-12

CVE-2025-50159 [HIGH] CWE-416 CVE-2025-50159: Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-54116P3HIGHCVSS 7.3≥ 10.0.22631.0, < 10.0.22631.59092025-09-09

CVE-2025-54116 [HIGH] CWE-284 CVE-2025-54116: Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate priv Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-27921P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-27921 [HIGH] CWE-362 CVE-2026-27921: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-54099P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.59092025-09-09

CVE-2025-54099 [HIGH] CWE-121 CVE-2025-54099: Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized at Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-26635P3MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08

CVE-2025-26635 [MEDIUM] CWE-1390 CVE-2025-26635: Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.

nvd

CVE-2025-21220P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14

CVE-2025-21220 [HIGH] CWE-908 CVE-2025-21220: Microsoft Message Queuing Information Disclosure Vulnerability Microsoft Message Queuing Information Disclosure Vulnerability

nvd

CVE-2020-17103P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.72192020-12-10

CVE-2020-17103 [HIGH] CWE-269 CVE-2020-17103: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-36393P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.27152023-11-14

CVE-2023-36393 [HIGH] CWE-426 CVE-2023-36393: Windows User Interface Application Core Remote Code Execution Vulnerability Windows User Interface Application Core Remote Code Execution Vulnerability

nvd

CVE-2024-30073P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.41692024-09-10

CVE-2024-30073 [HIGH] CWE-41 CVE-2024-30073: Windows Security Zone Mapping Security Feature Bypass Vulnerability Windows Security Zone Mapping Security Feature Bypass Vulnerability

nvd

CVE-2024-30072P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.37372024-06-11

CVE-2024-30072 [HIGH] CWE-190 CVE-2024-30072: Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability

nvd

CVE-2024-21442P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.32962024-03-12

CVE-2024-21442 [HIGH] CWE-170 CVE-2024-21442: Windows USB Print Driver Elevation of Privilege Vulnerability Windows USB Print Driver Elevation of Privilege Vulnerability

nvd

CVE-2024-38034P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.38802024-07-09

CVE-2024-38034 [HIGH] CWE-190 CVE-2024-38034: Windows Filtering Platform Elevation of Privilege Vulnerability Windows Filtering Platform Elevation of Privilege Vulnerability

nvd

CVE-2024-21436P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.32962024-03-12

CVE-2024-21436 [HIGH] CWE-284 CVE-2024-21436: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

nvd

CVE-2024-20658P3HIGHCVSS 7.8≥ 10.0.22631.0, < 10.0.22631.30072024-01-09

CVE-2024-20658 [HIGH] CWE-125 CVE-2024-20658: Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

nvd

← Previous44 / 84Next →