CVE-2026-21251
Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.
CVE-2026-20818
Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally.
CVE-2025-60713
Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.
CVE-2025-59260
Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally.
CVE-2025-59186
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2025-59184
Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally.
CVE-2025-55683
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2025-49666
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to execute code over a network.
CVE-2025-33050
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-32725
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-26677
Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
CVE-2025-27482
Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
CVE-2025-25008
Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.
CVE-2025-21225
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2025-21193
Active Directory Federation Server Spoofing Vulnerability