Microsoft Windows Server 2025 vulnerabilities

1,143 known vulnerabilities affecting microsoft/windows_server_2025.

Total CVEs

1,143

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL14HIGH797MEDIUM327LOW5

Vulnerabilities

Page 31 of 58

CVE-2025-49669HIGHCVSS 8.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49669 [HIGH] CWE-122 CVE-2025-49669: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

nvd

CVE-2025-49675HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49675 [HIGH] CWE-416 CVE-2025-49675: Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-49688HIGHCVSS 8.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49688 [HIGH] CWE-415 CVE-2025-49688: Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to e Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

nvd

CVE-2025-49721HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49721 [HIGH] CWE-122 CVE-2025-49721: Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate pri Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

nvd

CVE-2025-47984HIGHCVSS 7.5fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-47984 [HIGH] CWE-693 CVE-2025-47984: Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.

nvd

CVE-2025-48000HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-48000 [HIGH] CWE-362 CVE-2025-48000: Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevat Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-48824HIGHCVSS 8.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-48824 [HIGH] CWE-122 CVE-2025-48824: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

nvd

CVE-2025-47982HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-47982 [HIGH] CWE-20 CVE-2025-47982: Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate pri Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-49687HIGHCVSS 8.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49687 [HIGH] CWE-125 CVE-2025-49687: Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate p Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-48799HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-48799 [HIGH] CWE-59 CVE-2025-48799: Improper link resolution before file access ('link following') in Windows Update Service allows an a Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-49676HIGHCVSS 8.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49676 [HIGH] CWE-122 CVE-2025-49676: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

nvd

CVE-2025-49668HIGHCVSS 8.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49668 [HIGH] CWE-122 CVE-2025-49668: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

nvd

CVE-2025-49678HIGHCVSS 7.0fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49678 [HIGH] CWE-362 CVE-2025-49678: Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-49661HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49661 [HIGH] CWE-822 CVE-2025-49661: Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-47996HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-47996 [HIGH] CWE-125 CVE-2025-47996: Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-49693HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49693 [HIGH] CWE-415 CVE-2025-49693: Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges l Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-33054HIGHCVSS 8.1fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-33054 [HIGH] CWE-357 CVE-2025-33054: Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized atta Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network.

nvd

CVE-2025-48816HIGHCVSS 7.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-48816 [HIGH] CWE-125 CVE-2025-48816: Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileg Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.

nvd

CVE-2025-48822HIGHCVSS 8.6fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-48822 [HIGH] CWE-125 CVE-2025-48822: Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

nvd

CVE-2025-49672HIGHCVSS 8.8fixed in 10.0.26100.4652≥ 10.0.26100.0, < 10.0.26100.46522025-07-08

CVE-2025-49672 [HIGH] CWE-122 CVE-2025-49672: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

nvd

← Previous31 / 58Next →