Microsoft Windows 11 Version 25H2 vulnerabilities

CVE-2025-55698 [HIGH] CWE-476 CVE-2025-55698: Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a net Null pointer dereference in Windows DirectX allows an authorized attacker to deny service over a network.

CVE-2026-45654 [HIGH] CWE-284 CVE-2026-45654: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

CVE-2026-48575 [HIGH] CWE-693 CVE-2026-48575: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

CVE-2026-48570 [HIGH] CWE-693 CVE-2026-48570: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

CVE-2026-48568 [HIGH] CWE-693 CVE-2026-48568: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

CVE-2026-45588 [HIGH] CWE-693 CVE-2026-45588: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

CVE-2026-21241 [HIGH] CWE-416 CVE-2026-21241: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2025-59200 [HIGH] CWE-73 CVE-2025-59200: Concurrent execution using shared resource with improper synchronization ('race condition') in Data Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally.

CVE-2026-48578 [HIGH] CWE-284 CVE-2026-48578: Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a securi Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

CVE-2025-59194 [HIGH] CWE-908 CVE-2025-59194: Use of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges Use of uninitialized resource in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-26161 [HIGH] CWE-20 CVE-2026-26161: Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevat Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.

CVE-2025-25004 [HIGH] CWE-284 CVE-2025-25004: Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.

CVE-2026-32149 [HIGH] CWE-20 CVE-2026-32149: Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

CVE-2026-20812 [MEDIUM] CWE-20 CVE-2026-20812: Improper input validation in Windows LDAP - Lightweight Directory Access Protocol allows an authoriz Improper input validation in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to perform tampering over a network.

CVE-2026-25190 [HIGH] CWE-426 CVE-2026-25190: Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.

CVE-2026-32071 [HIGH] CWE-476 CVE-2026-32071: Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an una Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

CVE-2026-35416 [HIGH] CWE-416 CVE-2026-35416: Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver f Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-27908 [HIGH] CWE-416 CVE-2026-27908: Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally.

CVE-2025-59206 [HIGH] CWE-416 CVE-2025-59206: Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability

CVE-2026-27921 [HIGH] CWE-362 CVE-2026-27921: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.