cvebase

Microsoft Windows 11 Version 25H2 vulnerabilities

618 known vulnerabilities affecting microsoft/windows_11_version_25h2.

Total CVEs: 618
CISA KEV: 12 (actively exploited)
Public exploits: 10
Exploited in wild: 14
Severity breakdown: CRITICAL 9, HIGH 465, MEDIUM 141, LOW 3

Vulnerabilities

Page 28 of 31
CVE-2025-60708 | P4 | MEDIUM | CVSS 6.5 | ≥ 10.0.26200.0, < 10.0.26200.7171 | 2025-11-11
CWE-822: Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.
nvd
CVE-2026-20932 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.7623 | 2026-01-13
CWE-200: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
nvd
CVE-2026-20823 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.7623 | 2026-01-13
CWE-200: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
nvd
CVE-2026-20862 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.7623 | 2026-01-13
CWE-200: Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally.
nvd
CVE-2025-55676 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.6899 | 2025-10-14
CWE-209: Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally.
nvd
CVE-2025-59211 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.6899 | 2025-10-14
CWE-200: Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally.
nvd
CVE-2026-20829 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.7623 | 2026-01-13
CWE-125: Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally.
nvd
CVE-2026-20835 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.7623 | 2026-01-13
CWE-125: Out-of-bounds read in Capability Access Management Service (camsvc) allows an authorized attacker to disclose information locally.
nvd
CVE-2025-59509 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.7171 | 2025-11-11
CWE-201: Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.
nvd
CVE-2025-62468 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.7462 | 2025-12-09
CWE-125: Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally.
nvd
CVE-2025-59204 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.6899 | 2025-10-14
CWE-908: Use of uninitialized resource in Windows Management Services allows an authorized attacker to disclose information locally.
nvd
CVE-2025-59513 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.7171 | 2025-11-11
CWE-125: Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.
nvd
CVE-2026-42972 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.8655 | 2026-06-09
CWE-200: Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.
nvd
CVE-2026-42968 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.8655 | 2026-06-09
CWE-125: Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.
nvd
CVE-2026-45594 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.8655 | 2026-06-09
CWE-200: Exposure of sensitive information to an unauthorized actor in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally.
nvd
CVE-2026-32212 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.8246 | 2026-04-14
CWE-59: Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
nvd
CVE-2026-45634 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.8655 | 2026-06-09
CWE-125: Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally.
nvd
CVE-2026-32214 | P4 | MEDIUM | CVSS 5.5 | ≥ 10.0.26200.0, < 10.0.26200.8246 | 2026-04-14
CWE-284: Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.
nvd
CVE-2025-62463 | P4 | MEDIUM | CVSS 6.5 | ≥ 10.0.26200.0, < 10.0.26200.7462 | 2025-12-09
CWE-476: Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.
nvd
CVE-2025-62465 | P4 | MEDIUM | CVSS 6.5 | ≥ 10.0.26200.0, < 10.0.26200.7462 | 2025-12-09
CWE-476: Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.
nvd