Microsoft Windows 11 Version 25H2 vulnerabilities

CVE-2025-58719 [MEDIUM] CWE-416 CVE-2025-58719: Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to eleva Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

CVE-2025-55337 [MEDIUM] CWE-841 CVE-2025-55337: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2025-55682 [MEDIUM] CWE-841 CVE-2025-55682: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2026-26175 [MEDIUM] CWE-908 CVE-2026-26175: Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a se Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2026-20825 [MEDIUM] CWE-284 CVE-2026-20825: Improper access control in Windows Hyper-V allows an authorized attacker to disclose information loc Improper access control in Windows Hyper-V allows an authorized attacker to disclose information locally.

CVE-2025-48813 [MEDIUM] CWE-324 CVE-2025-48813: Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perfor Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally.

CVE-2026-20962 [MEDIUM] CWE-908 CVE-2026-20962: Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized a Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.

CVE-2026-27906 [MEDIUM] CWE-20 CVE-2026-27906: Improper input validation in Windows Hello allows an authorized attacker to bypass a security featur Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.

CVE-2026-32220 [MEDIUM] CWE-284 CVE-2026-32220: Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

CVE-2026-32209 [MEDIUM] CWE-284 CVE-2026-32209: Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.

CVE-2026-20928 [MEDIUM] CWE-212 CVE-2026-20928: Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2025-59198 [MEDIUM] CWE-20 CVE-2025-59198: Improper input validation in Microsoft Windows Search Component allows an authorized attacker to den Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

CVE-2026-20828 [MEDIUM] CWE-125 CVE-2026-20828: Out-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker to d Out-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker to disclose information with a physical attack.

CVE-2025-59294 [MEDIUM] CWE-200 CVE-2025-59294: Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unautho Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack.

CVE-2026-20936 [MEDIUM] CWE-125 CVE-2026-20936: Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a phys Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.

CVE-2026-45642 [LOW] CWE-20 CVE-2026-45642: Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Servi Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.

CVE-2025-55695 [LOW] CWE-125 CVE-2025-55695: Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose inf Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally.

CVE-2026-42914 [MEDIUM] CWE-125 Windows Kerberos Denial of Service Vulnerability Windows Kerberos Denial of Service Vulnerability Windows Kerberos Denial of Service Vulnerability