Microsoft Windows 11 Version 25H2 vulnerabilities

617 known vulnerabilities affecting microsoft/windows_11_version_25h2.

Total CVEs: 617
CISA KEV: 12 (actively exploited)
Public exploits: 10
Exploited in wild: 14
Severity breakdown: CRITICAL 9, HIGH 465, MEDIUM 140, LOW 3

Vulnerabilities

Page 16 of 31
CVE-2025-55693 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.26200.0, < 10.0.26200.6899 | 2025-10-14
CWE-416: Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-20853 | P3 | HIGH | CVSS 7.4 | ≥ 10.0.26200.0, < 10.0.26200.7623 | 2026-01-13
CWE-362: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.
Source: NVD

CVE-2025-62565 | P3 | HIGH | CVSS 7.3 | ≥ 10.0.26200.0, < 10.0.26200.7462 | 2025-12-09
CWE-416: Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-20875 | P3 | HIGH | CVSS 7.5 | ≥ 10.0.26200.0, < 10.0.26200.7623 | 2026-01-13
CWE-476: Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
Source: NVD

CVE-2026-21232 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.7840 | 2026-02-10
CWE-822: Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-25165 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8037 | 2026-03-10
CWE-476: Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-24293 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8037 | 2026-03-10
CWE-476: Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-23672 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8037 | 2026-03-10
CWE-125: Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
Source: NVD

CVE-2026-44812 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8655 | 2026-06-09
CWE-190: Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Source: NVD

CVE-2026-44803 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8655 | 2026-06-09
CWE-190: Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
Source: NVD

CVE-2026-25174 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8037 | 2026-03-10
CWE-125: Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-32222 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8246 | 2026-04-14
CWE-822: Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-32076 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8246 | 2026-04-14
CWE-125: Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-34336 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8457 | 2026-05-12
CWE-122: Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-26184 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8246 | 2026-04-14
CWE-126: Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-45592 | P3 | HIGH | CVSS 7.8 | ≥ 10.0.26200.0, < 10.0.26200.8655 | 2026-06-09
CWE-190: Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2025-48004 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.26200.0, < 10.0.26200.6899 | 2025-10-14
CWE-416: Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
Source: NVD

CVE-2025-64658 | P3 | HIGH | CVSS 7.5 | ≥ 10.0.26200.0, < 10.0.26200.7462 | 2025-12-09
CWE-362: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.
Source: NVD

CVE-2026-21247 | P3 | HIGH | CVSS 7.3 | ≥ 10.0.26200.0, < 10.0.26200.7840 | 2026-02-10
CWE-20: Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
Source: NVD

CVE-2026-47652 | P3 | HIGH | CVSS 8.2 | ≥ 10.0.26200.0, < 10.0.26200.8655 | 2026-06-09
CWE-122: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Source: NVD