Msrc Windows Server 2025 vulnerabilities

CVE-2026-21250 [HIGH] CWE-822 Windows HTTP.sys Elevation of Privilege Vulnerability Windows HTTP.sys Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows HTTP.sys: Windows HTTP.sys Microsoft: M

CVE-2026-21519 [HIGH] CWE-843 Desktop Window Manager Elevation of Privilege Vulnerability Desktop Window Manager Elevation of Privilege Vulnerability Description: Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2026-21241 [HIGH] CWE-416 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? For an attacker to exploit this vulnerability,

CVE-2026-21242 [HIGH] CWE-416 Windows Subsystem for Linux Elevation of Privilege Vulnerability Windows Subsystem for Linux Elevation of Privilege Vulnerability Description: Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS met

CVE-2026-21244 [HIGH] CWE-122 Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referre

CVE-2026-21246 [HIGH] CWE-122 Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Microsoft Graphics

CVE-2026-21232 [HIGH] CWE-822 Windows HTTP.sys Elevation of Privilege Vulnerability Windows HTTP.sys Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows HTTP.sys: Windows HTTP.sys Microsoft: M

CVE-2026-21251 [HIGH] CWE-416 Cluster Client Failover (CCF) Elevation of Privilege Vulnerability Cluster Client Failover (CCF) Elevation of Privilege Vulnerability Description: Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Cluster Client

CVE-2026-21234 [HIGH] CWE-362 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for

CVE-2026-21222 [MEDIUM] CWE-532 Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read

CVE-2026-21249 [LOW] CWE-73 Windows NTLM Spoofing Vulnerability Windows NTLM Spoofing Vulnerability Description: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send a user a malicious Office file and convince them to open it. FAQ: According to the CVSS metrics, successful exploitation of this vu

CVE-2026-20832 [HIGH] CWE-415 Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could create, modify, or delete files in the security context of the "NT AUTHORITY\SYSTEM" account. Window

CVE-2026-20815 [HIGH] CWE-362 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that

CVE-2026-20848 [HIGH] CWE-362 Windows SMB Server Elevation of Privilege Vulnerability Windows SMB Server Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability coul

CVE-2026-20919 [HIGH] CWE-362 Windows SMB Server Elevation of Privilege Vulnerability Windows SMB Server Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerabilit

CVE-2026-20859 [HIGH] CWE-416 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Description: Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Kernel-Mode Drivers: Win

CVE-2026-21221 [HIGH] CWE-362 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that

CVE-2026-20865 [HIGH] CWE-416 Windows Management Services Elevation of Privilege Vulnerability Windows Management Services Elevation of Privilege Vulnerability Description: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: Acc

CVE-2026-20870 [HIGH] CWE-416 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Description: Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Win32K - ICOMP: Windo

CVE-2026-20809 [HIGH] CWE-367 Windows Kernel Memory Elevation of Privilege Vulnerability Windows Kernel Memory Elevation of Privilege Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain Kernel Memory Access. Windows Ke