CVE-2025-50171
Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-47978
Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.
CVE-2025-29808
Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.