Windows 11 25h2
by Microsoft
CVEs (597)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-20853 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally. |
| CVE-2026-20849 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network. |
| CVE-2026-20848 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. |
| CVE-2026-20843 | | | 0.00 | — | 0.03 | | Jan 13, 2026 | Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. |
| CVE-2026-21221 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally. |
| CVE-2026-20938 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. |
| CVE-2026-20934 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. |
| CVE-2026-20932 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. |
| CVE-2026-20927 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network. |
| CVE-2026-20926 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. |
| CVE-2026-20925 | | | 0.00 | — | 0.17 | | Jan 13, 2026 | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2026-20924 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. |
| CVE-2026-20923 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. |
| CVE-2026-20922 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. |
| CVE-2026-20919 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. |
| CVE-2026-20918 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. |
| CVE-2026-20877 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. |
| CVE-2026-20876 | | | 0.00 | — | 0.01 | | Jan 13, 2026 | Heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. |
| CVE-2026-20875 | | | 0.00 | — | 0.02 | | Jan 13, 2026 | Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. |
| CVE-2026-20869 | | | 0.00 | — | 0.00 | | Jan 13, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally. |