CVE-2025-59281
Improper link resolution before file access ('link following') in XBox Gaming Services allows an authorized attacker to elevate privileges locally.
CVE-2025-55245
Improper link resolution before file access ('link following') in Xbox allows an authorized attacker to elevate privileges locally.
CVE-2025-55242
Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized attacker to disclose information over a network.