VYPR

Windows 11 25h2

by Microsoft

CVEs (597)

  • CVE-2026-27930MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.

  • CVE-2026-20806MedApr 14, 2026
    risk 0.36cvss 5.5epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.

  • CVE-2026-25180MedMar 10, 2026
    risk 0.36cvss 5.5epss 0.01

    Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.

  • CVE-2026-45595MedJun 9, 2026
    risk 0.35cvss 5.4epss 0.00

    Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-35423MedMay 12, 2026
    risk 0.35cvss 5.4epss 0.01

    Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-45655MedJun 9, 2026
    risk 0.34cvss 5.3epss 0.00

    Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

  • CVE-2026-42914MedJun 9, 2026
    risk 0.34cvss 5.3epss 0.01

    Windows Kerberos Denial of Service Vulnerability

  • CVE-2026-33829MedApr 14, 2026
    risk 0.31cvss 4.3epss 0.03

    Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-26175MedApr 14, 2026
    risk 0.30cvss 4.6epss 0.00

    Use of uninitialized resource in Windows Boot Manager allows an unauthorized attacker to bypass a security feature with a physical attack.

  • CVE-2026-20928MedApr 14, 2026
    risk 0.30cvss 4.6epss 0.00

    Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.

  • CVE-2026-32209MedMay 12, 2026
    risk 0.29cvss 4.4epss 0.00

    Improper access control in Windows Filtering Platform (WFP) allows an authorized attacker to bypass a security feature locally.

  • CVE-2026-32220MedApr 14, 2026
    risk 0.29cvss 4.4epss 0.00

    Improper access control in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

  • CVE-2026-27906MedApr 14, 2026
    risk 0.29cvss 4.4epss 0.00

    Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally.

  • CVE-2026-45642LowJun 9, 2026
    risk 0.25cvss 3.9epss 0.00

    Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.

  • CVE-2025-62215KEVNov 11, 2025
    risk 0.15cvss epss 0.06

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2026-21513KEVFeb 10, 2026
    risk 0.14cvss epss 0.15

    Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-21533KEVFeb 10, 2026
    risk 0.14cvss epss 0.04

    Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

  • CVE-2026-21525KEVFeb 10, 2026
    risk 0.13cvss epss 0.05

    Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

  • CVE-2026-21510KEVFeb 10, 2026
    risk 0.12cvss epss 0.26

    Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-21519KEVFeb 10, 2026
    risk 0.12cvss epss 0.02

    Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Page 14 of 30