Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs

1,661

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

SortPage 51 of 84

CVE-2026-26165P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-26165 [HIGH] CWE-416 CVE-2026-26165: Use after free in Windows Shell allows an authorized attacker to elevate privileges locally. Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-62217P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.61992025-11-11

CVE-2025-62217 [HIGH] CWE-362 CVE-2025-62217: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-49762P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.57682025-08-12

CVE-2025-49762 [HIGH] CWE-362 CVE-2025-49762: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-40410P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12

CVE-2026-40410 [HIGH] CWE-416 CVE-2026-40410: Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally. Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-55328P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.60602025-10-14

CVE-2025-55328 [HIGH] CWE-362 CVE-2025-55328: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-55335P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.60602025-10-14

CVE-2025-55335 [HIGH] CWE-362 CVE-2025-55335: Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally. Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

nvd

CVE-2025-59507P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.61992025-11-11

CVE-2025-59507 [HIGH] CWE-362 CVE-2025-59507: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-59508P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.61992025-11-11

CVE-2025-59508 [HIGH] CWE-362 CVE-2025-59508: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-59506P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.61992025-11-11

CVE-2025-59506 [HIGH] CWE-362 CVE-2025-59506: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-62573P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.63452025-12-09

CVE-2025-62573 [HIGH] CWE-362 CVE-2025-62573: Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-34340P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12

CVE-2026-34340 [HIGH] CWE-416 CVE-2026-34340: Use after free in Windows Projected File System allows an authorized attacker to elevate privileges Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-33104P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-33104 [HIGH] CWE-362 CVE-2026-33104: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-34351P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12

CVE-2026-34351 [HIGH] CWE-362 CVE-2026-34351: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-32090P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-32090 [HIGH] CWE-362 CVE-2026-32090: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-23671P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.67832026-03-10

CVE-2026-23671 [HIGH] CWE-362 CVE-2026-23671: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-24295P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.67832026-03-10

CVE-2026-24295 [HIGH] CWE-362 CVE-2026-24295: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-24296P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.67832026-03-10

CVE-2026-24296 [HIGH] CWE-362 CVE-2026-24296: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Device Association Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-26177P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-26177 [HIGH] CWE-416 CVE-2026-26177: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-27922P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-27922 [HIGH] CWE-416 CVE-2026-27922: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

CVE-2026-26182P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14

CVE-2026-26182 [HIGH] CWE-416 CVE-2026-26182: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

← Previous51 / 84Next →