Msrc Windows Server 2022 23H2 Edition vulnerabilities

CVE-2026-21237 [HIGH] CWE-362 Windows Subsystem for Linux Elevation of Privilege Vulnerability Windows Subsystem for Linux Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? For an attacker to explo

CVE-2026-21255 [HIGH] CWE-284 Windows Hyper-V Security Feature Bypass Vulnerability Windows Hyper-V Security Feature Bypass Vulnerability Description: Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass the Virtualization-based Security feature. FAQ: How could an att

CVE-2026-21508 [HIGH] CWE-287 Windows Storage Elevation of Privilege Vulnerability Windows Storage Elevation of Privilege Vulnerability Description: Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliabil

CVE-2026-21240 [HIGH] CWE-367 Windows HTTP.sys Elevation of Privilege Vulnerability Windows HTTP.sys Elevation of Privilege Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows HTTP.sys: Windows HT

CVE-2026-21243 [HIGH] CWE-476 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Description: Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. Windows LDAP - Lightweight Directory Access Protocol: Windows LDAP - Lightweight Directory Access Protocol Microsoft: Microsoft Customer A

CVE-2026-21239 [HIGH] CWE-122 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Kernel: Windows Kernel Microsoft: Microsoft Cus

CVE-2026-21247 [HIGH] CWE-20 Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability Description: Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability? The file must be stored in a location that allows an attacker write access, enabling the file to b

CVE-2026-21250 [HIGH] CWE-822 Windows HTTP.sys Elevation of Privilege Vulnerability Windows HTTP.sys Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows HTTP.sys: Windows HTTP.sys Microsoft: M

CVE-2026-21519 [HIGH] CWE-843 Desktop Window Manager Elevation of Privilege Vulnerability Desktop Window Manager Elevation of Privilege Vulnerability Description: Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2026-21231 [HIGH] CWE-362 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attac

CVE-2026-21253 [HIGH] CWE-416 Mailslot File System Elevation of Privilege Vulnerability Mailslot File System Elevation of Privilege Vulnerability Description: Use after free in Mailslot File System allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What privileges could be

CVE-2026-21241 [HIGH] CWE-416 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? For an attacker to exploit this vulnerability,

CVE-2026-21242 [HIGH] CWE-416 Windows Subsystem for Linux Elevation of Privilege Vulnerability Windows Subsystem for Linux Elevation of Privilege Vulnerability Description: Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS met

CVE-2026-21244 [HIGH] CWE-122 Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referre

CVE-2026-21238 [HIGH] CWE-284 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerabilit

CVE-2026-21246 [HIGH] CWE-122 Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Microsoft Graphics

CVE-2026-21236 [HIGH] CWE-122 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerabi

CVE-2026-21232 [HIGH] CWE-822 Windows HTTP.sys Elevation of Privilege Vulnerability Windows HTTP.sys Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows HTTP.sys: Windows HTTP.sys Microsoft: M

CVE-2026-21510 [HIGH] CWE-693 Windows Shell Security Feature Bypass Vulnerability Windows Shell Security Feature Bypass Vulnerability Description: Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? To successfully exploit this vulnerability, an attacker must convince a user to open a malicious link or shortcu

CVE-2026-21513 [HIGH] CWE-693 MSHTML Framework Security Feature Bypass Vulnerability MSHTML Framework Security Feature Bypass Vulnerability Description: Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. FAQ: According to the CVSS metric, the attack vector is user interaction is required (UI:R). How could an attacker exploit this security feature bypass vulnerability? An attacker could exploit this vulnerability by conv