Microsoft Windows 11 Version 25H2 vulnerabilities

CVE-2026-26160 [HIGH] CWE-306 CVE-2026-26160: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an a Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

CVE-2026-49160 [HIGH] CWE-400 CVE-2026-49160: Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a n Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network.

CVE-2025-60704 [HIGH] CWE-325 CVE-2025-60704: Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-35421 [HIGH] CWE-122 CVE-2026-35421: Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally. Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.

CVE-2026-20870 [HIGH] CWE-416 CVE-2026-20870: Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2025-59201 [HIGH] CWE-284 CVE-2025-59201: Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally.

CVE-2025-62474 [HIGH] CWE-284 CVE-2025-62474: Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-35417 [HIGH] CWE-843 CVE-2026-35417: Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2026-40399 [HIGH] CWE-121 CVE-2026-40399: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

CVE-2026-45636 [HIGH] CWE-20 CVE-2026-45636: Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-34330 [HIGH] CWE-190 CVE-2026-34330: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2026-34333 [HIGH] CWE-190 CVE-2026-34333: Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2026-26159 [HIGH] CWE-306 CVE-2026-26159: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an a Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.

CVE-2026-26176 [HIGH] CWE-122 CVE-2026-26176: Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized atta Heap-based buffer overflow in Windows Client Side Caching driver (csc.sys) allows an authorized attacker to elevate privileges locally.

CVE-2026-48583 [HIGH] CWE-416 CVE-2026-48583: Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-32161 [HIGH] CWE-362 CVE-2026-32161: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Native WiFi Miniport Driver allows an unauthorized attacker to execute code over an adjacent network.

CVE-2026-25181 [HIGH] CWE-125 CVE-2026-25181: Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a ne Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.

CVE-2026-32183 [HIGH] CWE-77 CVE-2026-32183: Improper neutralization of special elements used in a command ('command injection') in Windows Snipp Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.

CVE-2026-20811 [HIGH] CWE-822 CVE-2026-20811: Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an au Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

CVE-2026-20941 [HIGH] CWE-59 CVE-2026-20941: Improper link resolution before file access ('link following') in Host Process for Windows Tasks all Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.