cvebase

Microsoft Windows 11 Version 23H2 vulnerabilities

1,660 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs: 1,660
CISA KEV: 59 (actively exploited)
Public exploits: 42
Exploited in wild: 71
Severity breakdown: CRITICAL 25, HIGH 1170, MEDIUM 457, LOW 8

Vulnerabilities

Page 6 of 83
CVE-2025-29971 | P3 | HIGH | CVSS 7.5 | ≥ 10.0.22631.0, < 10.0.22631.5335 | 2025-05-13
CWE-125: Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.
Source: nvd

CVE-2023-36028 | P2 | CRITICAL | CVSS 9.8 | ≥ 10.0.22631.0, < 10.0.22631.2715 | 2023-11-14
CWE-122: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
Source: nvd

CVE-2026-41096 | P2 | CRITICAL | CVSS 9.8 | ≥ 10.0.22631.0, < 10.0.22631.7079; ≥ 10.0.22631.0, < 10.0.22631.7219 | 2026-05-12
CWE-122: Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
Source: nvd

CVE-2024-38140 | P2 | CRITICAL | CVSS 9.8 | ≥ 10.0.22631.0, < 10.0.22631.4037 | 2024-08-13
CWE-416: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
Source: nvd

CVE-2024-43532 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.4317 | 2024-10-08
CWE-636: Remote Registry Service Elevation of Privilege Vulnerability
Source: nvd

CVE-2023-36017 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.2715 | 2023-11-14
CWE-843: Windows Scripting Engine Memory Corruption Vulnerability
Source: nvd

CVE-2025-49744 | P3 | HIGH | CVSS 7.0 | PoC | ≥ 10.0.22631.0, < 10.0.22631.5624 | 2025-07-08
CWE-122: Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
Source: nvd

CVE-2024-20674 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.3007 | 2024-01-09
CWE-305: Windows Kerberos Security Feature Bypass Vulnerability
Source: nvd

CVE-2024-21416 | P2 | CRITICAL | CVSS 9.8 | ≥ 10.0.22631.0, < 10.0.22631.4169 | 2024-09-10
CWE-122: Windows TCP/IP Remote Code Execution Vulnerability
Source: nvd

CVE-2025-21369 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.4890 | 2025-02-11
CWE-122: Microsoft Digest Authentication Remote Code Execution Vulnerability
Source: nvd

CVE-2025-21368 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.4890 | 2025-02-11
CWE-122: Microsoft Digest Authentication Remote Code Execution Vulnerability
Source: nvd

CVE-2024-38199 | P2 | CRITICAL | CVSS 9.8 | ≥ 10.0.22631.0, < 10.0.22631.4037 | 2024-08-13
CWE-416: Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
Source: nvd

CVE-2025-21307 | P2 | CRITICAL | CVSS 9.8 | ≥ 10.0.22631.0, < 10.0.22631.4751 | 2025-01-14
CWE-416: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
Source: nvd

CVE-2023-36005 | P3 | HIGH | CVSS 8.1 | ≥ 10.0.22631.0, < 10.0.22631.2861 | 2023-12-12
CWE-591: Windows Telephony Server Elevation of Privilege Vulnerability
Source: nvd

CVE-2026-45657 | P2 | CRITICAL | CVSS 9.8 | ≥ 10.0.22631.0, < 10.0.22631.7219 | 2026-06-09
CWE-122: Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.
Source: nvd

CVE-2026-25177 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.6783 | 2026-03-10
CWE-641: Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
Source: nvd

CVE-2025-33064 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.5472 | 2025-06-10
CWE-122: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Source: nvd

CVE-2025-53143 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.5768 | 2025-08-12
CWE-843: Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
Source: nvd

CVE-2025-62456 | P2 | HIGH | CVSS 8.8 | ≥ 10.0.22631.0, < 10.0.22631.6345 | 2025-12-09
CWE-122: Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.
Source: nvd

CVE-2026-42904 | P2 | CRITICAL | CVSS 9.6 | ≥ 10.0.22631.0, < 10.0.22631.7219 | 2026-06-09
CWE-122: Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.
Source: nvd