Msrc Windows 10 Version 22H2 vulnerabilities

CVE-2026-20921 [HIGH] CWE-362 Windows SMB Server Elevation of Privilege Vulnerability Windows SMB Server Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerabilit

CVE-2026-20869 [HIGH] CWE-362 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

CVE-2026-20832 [HIGH] CWE-415 Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could create, modify, or delete files in the security context of the "NT AUTHORITY\SYSTEM" account. Window

CVE-2026-20922 [HIGH] CWE-122 Windows NTFS Remote Code Execution Vulnerability Windows NTFS Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as A

CVE-2026-20848 [HIGH] CWE-362 Windows SMB Server Elevation of Privilege Vulnerability Windows SMB Server Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability coul

CVE-2026-20919 [HIGH] CWE-362 Windows SMB Server Elevation of Privilege Vulnerability Windows SMB Server Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerabilit

CVE-2026-20865 [HIGH] CWE-416 Windows Management Services Elevation of Privilege Vulnerability Windows Management Services Elevation of Privilege Vulnerability Description: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: Acc

CVE-2026-20809 [HIGH] CWE-367 Windows Kernel Memory Elevation of Privilege Vulnerability Windows Kernel Memory Elevation of Privilege Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain Kernel Memory Access. Windows Ke

CVE-2026-20940 [HIGH] CWE-822 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTE

CVE-2026-20840 [HIGH] CWE-122 Windows NTFS Remote Code Execution Vulnerability Windows NTFS Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as A

CVE-2026-20843 [HIGH] CWE-284 Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability Description: Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vul

CVE-2026-20856 [HIGH] CWE-20 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability Windows Server Update Service (WSUS) Remote Code Execution Vulnerability Description: Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? The attacker must inject themselves into the logical network path betw

CVE-2026-20852 [HIGH] CWE-266 Windows Hello Tampering Vulnerability Windows Hello Tampering Vulnerability Description: Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally. Windows Hello: Windows Hello Microsoft: Microsoft Customer Action Required: Yes Impact: Tampering Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.asp

CVE-2026-20836 [HIGH] CWE-362 DirectX Graphics Kernel Elevation of Privilege Vulnerability DirectX Graphics Kernel Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability coul

CVE-2026-20866 [HIGH] CWE-362 Windows Management Services Elevation of Privilege Vulnerability Windows Management Services Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation

CVE-2026-20844 [HIGH] CWE-416 Windows Clipboard Server Elevation of Privilege Vulnerability Windows Clipboard Server Elevation of Privilege Vulnerability Description: Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS metric, th

CVE-2026-20820 [HIGH] CWE-122 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM p

CVE-2026-20858 [HIGH] CWE-416 Windows Management Services Elevation of Privilege Vulnerability Windows Management Services Elevation of Privilege Vulnerability Description: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: Acc

CVE-2026-20934 [HIGH] CWE-362 Windows SMB Server Elevation of Privilege Vulnerability Windows SMB Server Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerabilit

CVE-2026-20831 [HIGH] CWE-367 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully e