Microsoft Windows 11 Version 25H2 vulnerabilities

CVE-2026-20859 [HIGH] CWE-416 CVE-2026-20859: Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges lo Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

CVE-2026-32152 [HIGH] CWE-416 CVE-2026-32152: Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-35424 [HIGH] CWE-401 CVE-2026-35424: Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol a Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

CVE-2026-26179 [HIGH] CWE-415 CVE-2026-26179: Double free in Windows Kernel allows an authorized attacker to elevate privileges locally. Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-26156 [HIGH] CWE-20 CVE-2026-26156: Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locall Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.

CVE-2026-32154 [HIGH] CWE-416 CVE-2026-32154: Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

CVE-2025-62571 [HIGH] CWE-20 CVE-2025-62571: Improper input validation in Windows Installer allows an authorized attacker to elevate privileges l Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.

CVE-2026-24292 [HIGH] CWE-416 CVE-2026-24292: Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to eleva Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.

CVE-2026-41088 [HIGH] CWE-73 CVE-2026-41088: Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver f Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-34344 [HIGH] CWE-843 CVE-2026-34344: Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver f Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-40404 [HIGH] CWE-122 CVE-2026-40404: Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

CVE-2026-42916 [HIGH] CWE-190 CVE-2026-42916: Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elev Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-40408 [HIGH] CWE-416 CVE-2026-40408: Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges lo Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

CVE-2026-27915 [HIGH] CWE-416 CVE-2026-27915: Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker t Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

CVE-2026-26162 [HIGH] CWE-843 CVE-2026-26162: Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized at Access of resource using incompatible type ('type confusion') in Windows OLE allows an authorized attacker to elevate privileges locally.

CVE-2026-26163 [HIGH] CWE-415 CVE-2026-26163: Double free in Windows Kernel allows an authorized attacker to elevate privileges locally. Double free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-20874 [HIGH] CWE-362 CVE-2026-20874: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20918 [HIGH] CWE-362 CVE-2026-20918: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20873 [HIGH] CWE-362 CVE-2026-20873: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2025-53768 [HIGH] CWE-362 CVE-2025-53768: Use after free in Xbox allows an authorized attacker to elevate privileges locally. Use after free in Xbox allows an authorized attacker to elevate privileges locally.