Microsoft Windows 11 Version 25H2 vulnerabilities

CVE-2026-33824 [CRITICAL] CWE-415 CVE-2026-33824: Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.

CVE-2026-32183 [HIGH] CWE-77 CVE-2026-32183: Improper neutralization of special elements used in a command ('command injection') in Windows Snipp Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.

CVE-2026-26181 [HIGH] CWE-362 CVE-2026-26181: Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privilege Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2026-26177 [HIGH] CWE-416 CVE-2026-26177: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-32070 [HIGH] CWE-416 CVE-2026-32070: Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate pri Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-32164 [HIGH] CWE-362 CVE-2026-32164: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

CVE-2026-32149 [HIGH] CWE-20 CVE-2026-32149: Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

CVE-2026-26179 [HIGH] CWE-415 CVE-2026-26179: Double free in Windows Kernel allows an authorized attacker to elevate privileges locally. Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-20930 [HIGH] CWE-362 CVE-2026-20930: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-32068 [HIGH] CWE-362 CVE-2026-32068: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

CVE-2026-33099 [HIGH] CWE-416 CVE-2026-33099: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-26153 [HIGH] CWE-125 CVE-2026-26153: Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.

CVE-2026-32087 [HIGH] CWE-122 CVE-2026-32087: Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker t Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

CVE-2026-32090 [HIGH] CWE-362 CVE-2026-32090: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

CVE-2026-26152 [HIGH] CWE-922 CVE-2026-26152: Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized att Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

CVE-2026-32162 [HIGH] CWE-349 CVE-2026-32162: Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized atta Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.

CVE-2026-27909 [HIGH] CWE-416 CVE-2026-27909: Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privil Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

CVE-2026-32086 [HIGH] CWE-362 CVE-2026-32086: Concurrent execution using shared resource with improper synchronization ('race condition') in Funct Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

CVE-2026-32153 [HIGH] CWE-362 CVE-2026-32153: Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges local Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.

CVE-2026-27915 [HIGH] CWE-416 CVE-2026-27915: Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker t Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.