Windows 11 23h2

CVEs (113)

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-26177	Hig	0.46	7.0	0.00		Apr 14, 2026	Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-26174	Hig	0.46	7.0	0.00		Apr 14, 2026	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Update Service allows an authorized attacker to elevate privileges locally.
CVE-2026-26173	Hig	0.46	7.0	0.00		Apr 14, 2026	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-26166	Hig	0.46	7.0	0.00		Apr 14, 2026	Double free in Windows Shell allows an authorized attacker to elevate privileges locally.
CVE-2026-26165	Hig	0.46	7.0	0.00		Apr 14, 2026	Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.
CVE-2026-26152	Hig	0.46	7.0	0.00		Apr 14, 2026	Insecure storage of sensitive information in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
CVE-2026-26151	Hig	0.46	7.1	0.00		Apr 14, 2026	Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-25184	Hig	0.46	7.0	0.00		Apr 14, 2026	Concurrent execution using shared resource with improper synchronization ('race condition') in Applocker Filter Driver (applockerfltr.sys) allows an authorized attacker to elevate privileges locally.
CVE-2026-32151	Med	0.42	6.5	0.00		Apr 14, 2026	Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.
CVE-2026-27925	Med	0.42	6.5	0.00		Apr 14, 2026	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to disclose information over an adjacent network.
CVE-2026-26155	Med	0.42	6.5	0.00		Apr 14, 2026	Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2026-32202	Med	0.41	4.3	0.08	KEV	Apr 14, 2026	Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32088	Med	0.40	6.1	0.00		Apr 14, 2026	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-32072	Med	0.40	6.2	0.00		Apr 14, 2026	Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.
CVE-2026-26169	Med	0.40	6.1	0.00		Apr 14, 2026	Buffer over-read in Windows Kernel Memory allows an authorized attacker to disclose information locally.
CVE-2026-23670	Med	0.37	5.7	0.00		Apr 14, 2026	Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
CVE-2026-32218	Med	0.36	5.5	0.00		Apr 14, 2026	Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32217	Med	0.36	5.5	0.00		Apr 14, 2026	Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32215	Med	0.36	5.5	0.00		Apr 14, 2026	Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-32214	Med	0.36	5.5	0.00		Apr 14, 2026	Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.

Page 5 of 6