Microsoft Windows Server 2022 23H2 vulnerabilities

CVE-2025-26687 [HIGH] CWE-416 CVE-2025-26687: Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-21204 [HIGH] CWE-59 CVE-2025-21204: Improper link resolution before file access ('link following') in Windows Update Stack allows an aut Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.

CVE-2025-26679 [HIGH] CWE-416 CVE-2025-26679: Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges lo Use after free in RPC Endpoint Mapper Service allows an authorized attacker to elevate privileges locally.

CVE-2025-27469 [HIGH] CWE-400 CVE-2025-27469: Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

CVE-2025-26686 [HIGH] CWE-591 CVE-2025-26686: Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

CVE-2025-27482 [HIGH] CWE-591 CVE-2025-27482: Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unaut Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

CVE-2025-27492 [HIGH] CWE-362 CVE-2025-27492: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.

CVE-2025-29810 [HIGH] CWE-284 CVE-2025-29810: Improper access control in Active Directory Domain Services allows an authorized attacker to elevate Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

CVE-2025-27739 [HIGH] CWE-822 CVE-2025-27739: Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2025-27487 [HIGH] CWE-122 CVE-2025-27487: Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code ov Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.

CVE-2025-26669 [HIGH] CWE-125 CVE-2025-26669: Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attack Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-26681 [MEDIUM] CWE-416 CVE-2025-26681: Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2025-26635 [MEDIUM] CWE-1390 CVE-2025-26635: Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.

CVE-2025-26667 [MEDIUM] CWE-200 CVE-2025-26667: Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Serv Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-21197 [MEDIUM] CWE-284 CVE-2025-21197: Improper access control in Windows NTFS allows an authorized attacker to disclose file path informat Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

CVE-2025-27736 [MEDIUM] CWE-200 CVE-2025-27736: Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator a Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.

CVE-2025-27474 [MEDIUM] CWE-908 CVE-2025-27474: Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthor Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-27738 [MEDIUM] CWE-284 CVE-2025-27738: Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to dis Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

CVE-2025-26651 [MEDIUM] CWE-749 CVE-2025-26651: Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized att Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

CVE-2025-26676 [MEDIUM] CWE-126 CVE-2025-26676: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.