Windows Server 2022 23h2

windows_server_2022_23h2

Vendor: Microsoft • 1,676 CVEs

CVEs (1,676)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-42825 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 14, 2026 May 12, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-41097 1Microsoft 11Windows 10 1809 Windows 10 21h2Windows 10 22h2+8 more May 15, 2026 May 12, 2026 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-41096 1Microsoft 6Windows 11 23h2 Windows 11 24h2Windows 11 25h2+3 more May 15, 2026 May 12, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
CVE-2026-41095 1Microsoft 6Windows Server 2012 Windows Server 2016Windows Server 2019+3 more May 15, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.
CVE-2026-41089 1Microsoft 6Windows Server 2012 Windows Server 2016Windows Server 2019+3 more May 15, 2026 May 12, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.
CVE-2026-41088 1Microsoft 9Windows 10 21h2 Windows 10 22h2Windows 11 23h2+6 more Jun 1, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-40415 1Microsoft 11Windows 10 1809 Windows 10 21h2Windows 10 22h2+8 more May 15, 2026 May 12, 2026 N/A· v4 8.1 HIGH· v3 N/A· v2 Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
CVE-2026-40414 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more Jun 1, 2026 May 12, 2026 N/A· v4 7.4 HIGH· v3 N/A· v2 Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40413 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more Jun 1, 2026 May 12, 2026 N/A· v4 7.4 HIGH· v3 N/A· v2 Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40410 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 15, 2026 May 12, 2026 N/A· v4 7.0 HIGH· v3 N/A· v2 Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.
CVE-2026-40408 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 15, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
CVE-2026-40407 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 15, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-40406 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 15, 2026 May 12, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.
CVE-2026-40403 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 15, 2026 May 12, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
CVE-2026-40401 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more Jun 1, 2026 May 12, 2026 N/A· v4 7.1 HIGH· v3 N/A· v2 Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40399 1Microsoft 13Windows 10 1607 Windows 10 1809Windows 10 21h2+10 more Jun 1, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
CVE-2026-40398 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 15, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
CVE-2026-40397 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more Jun 1, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-40382 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 15, 2026 May 12, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-40380 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more May 14, 2026 May 12, 2026 N/A· v4 6.2 MEDIUM· v3 N/A· v2 Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.

12 3 4 5...84 Next