Microsoft Windows 11 Version 23H2 vulnerabilities

CVE-2025-59289 [HIGH] CWE-415 CVE-2025-59289: Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVE-2026-34341 [HIGH] CWE-415 CVE-2026-34341: Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate Double free in Windows Link-Layer Discovery Protocol (LLDP) allows an authorized attacker to elevate privileges locally.

CVE-2026-25184 [HIGH] CWE-362 CVE-2026-25184: Concurrent execution using shared resource with improper synchronization ('race condition') in Applo Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.

CVE-2025-59205 [HIGH] CWE-362 CVE-2025-59205: Concurrent execution using shared resource with improper synchronization ('race condition') in Micro Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

CVE-2026-32086 [HIGH] CWE-362 CVE-2026-32086: Concurrent execution using shared resource with improper synchronization ('race condition') in Funct Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

CVE-2026-32150 [HIGH] CWE-362 CVE-2026-32150: Concurrent execution using shared resource with improper synchronization ('race condition') in Funct Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

CVE-2025-53716 [MEDIUM] CWE-476 CVE-2025-53716: Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an aut Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.

CVE-2025-32715 [MEDIUM] CWE-125 CVE-2025-32715: Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

CVE-2025-55226 [MEDIUM] CWE-362 CVE-2025-55226: Concurrent execution using shared resource with improper synchronization ('race condition') in Graph Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally.

CVE-2024-38032 [HIGH] CWE-122 CVE-2024-38032: Microsoft Xbox Remote Code Execution Vulnerability Microsoft Xbox Remote Code Execution Vulnerability

CVE-2024-21302 [MEDIUM] CWE-284 CVE-2024-21302: Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See K Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerability. An elevation of privilege vulnerability exis

CVE-2024-30099 [HIGH] CWE-367 CVE-2024-30099: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

CVE-2025-26640 [HIGH] CWE-415 CVE-2025-26640: Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

CVE-2024-38069 [HIGH] CWE-347 CVE-2024-38069: Windows Enroll Engine Security Feature Bypass Vulnerability Windows Enroll Engine Security Feature Bypass Vulnerability

CVE-2025-49685 [HIGH] CWE-416 CVE-2025-49685: Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privil Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

CVE-2025-27732 [HIGH] CWE-591 CVE-2025-27732: Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized att Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2025-26665 [HIGH] CWE-591 CVE-2025-26665: Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized atta Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.

CVE-2025-62219 [HIGH] CWE-362 CVE-2025-62219: Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privi Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.

CVE-2025-27468 [HIGH] CWE-269 CVE-2025-27468: Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.

CVE-2025-55696 [HIGH] CWE-367 CVE-2025-55696: Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) all Time-of-check time-of-use (toctou) race condition in NtQueryInformation Token function (ntifs.h) allows an authorized attacker to elevate privileges locally.