Microsoft Windows 11 Version 23H2 vulnerabilities
1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.
Total CVEs
1,661
CISA KEV
59
actively exploited
Public exploits
42
Exploited in wild
71
Severity breakdown
CRITICAL25HIGH1170MEDIUM458LOW8
Vulnerabilities
Page 59 of 84
CVE-2024-49082P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.46022024-12-12
CVE-2024-49082 [MEDIUM] CWE-22 CVE-2024-49082: Windows File Explorer Information Disclosure Vulnerability
Windows File Explorer Information Disclosure Vulnerability
nvd
CVE-2024-21314P3MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.30072024-01-09
CVE-2024-21314 [MEDIUM] CWE-125 CVE-2024-21314: Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Message Queuing Information Disclosure Vulnerability
nvd
CVE-2024-20660P4MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.30072024-01-09
CVE-2024-20660 [MEDIUM] CWE-125 CVE-2024-20660: Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Message Queuing Information Disclosure Vulnerability
nvd
CVE-2024-20680P4MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.30072024-01-09
CVE-2024-20680 [MEDIUM] CWE-822 CVE-2024-20680: Windows Message Queuing Client (MSMQC) Information Disclosure
Windows Message Queuing Client (MSMQC) Information Disclosure
nvd
CVE-2024-20664P3MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.30072024-01-09
CVE-2024-20664 [MEDIUM] CWE-822 CVE-2024-20664: Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Message Queuing Information Disclosure Vulnerability
nvd
CVE-2024-20663P4MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.30072024-01-09
CVE-2024-20663 [MEDIUM] CWE-822 CVE-2024-20663: Windows Message Queuing Client (MSMQC) Information Disclosure
Windows Message Queuing Client (MSMQC) Information Disclosure
nvd
CVE-2024-38022P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38022 [HIGH] CWE-59 CVE-2024-38022: Windows Image Acquisition Elevation of Privilege Vulnerability
Windows Image Acquisition Elevation of Privilege Vulnerability
nvd
CVE-2023-36403P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.27152023-11-14
CVE-2023-36403 [HIGH] CWE-591 CVE-2023-36403: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
nvd
CVE-2024-21439P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.32962024-03-12
CVE-2024-21439 [HIGH] CWE-416 CVE-2024-21439: Windows Telephony Server Elevation of Privilege Vulnerability
Windows Telephony Server Elevation of Privilege Vulnerability
nvd
CVE-2024-43535P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43535 [HIGH] CWE-416 CVE-2024-43535: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43570P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43570 [HIGH] CWE-416 CVE-2024-43570: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
nvd
CVE-2024-38136P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.40372024-08-13
CVE-2024-38136 [HIGH] CWE-416 CVE-2024-38136: Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
nvd
CVE-2024-49084P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.46022024-12-12
CVE-2024-49084 [HIGH] CWE-362 CVE-2024-49084: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
nvd
CVE-2024-38137P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.40372024-08-13
CVE-2024-38137 [HIGH] CWE-416 CVE-2024-38137: Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
nvd
CVE-2024-43511P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.44602024-10-08
CVE-2024-43511 [HIGH] CWE-367 CVE-2024-43511: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
nvd
CVE-2024-35265P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.37372024-06-11
CVE-2024-35265 [HIGH] CWE-367 CVE-2024-35265: Windows Perception Service Elevation of Privilege Vulnerability
Windows Perception Service Elevation of Privilege Vulnerability
nvd
CVE-2025-21191P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.51892025-04-08
CVE-2025-21191 [HIGH] CWE-367 CVE-2025-21191: Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows a
Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-21301P4MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21301 [MEDIUM] CWE-284 CVE-2025-21301: Windows Geolocation Service Information Disclosure Vulnerability
Windows Geolocation Service Information Disclosure Vulnerability
nvd
CVE-2026-26152P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.69362026-04-14
CVE-2026-26152 [HIGH] CWE-922 CVE-2026-26152: Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized att
Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-59195P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.60602025-10-14
CVE-2025-59195 [HIGH] CWE-362 CVE-2025-59195: Concurrent execution using shared resource with improper synchronization ('race condition') in Micro
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to deny service locally.
nvd