CVSS: 6.7EPSS: %CPEs: 10EXPL: 0CVE-2025-26681 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-26681
08 Apr 2025 — Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26681 • CWE-416: Use After Free •
CVSS: 7.5EPSS: %CPEs: 25EXPL: 0CVE-2025-26668 – Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26668
08 Apr 2025 — Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26668 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: %CPEs: 25EXPL: 0CVE-2025-26669 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26669
08 Apr 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26669 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: %CPEs: 13EXPL: 0CVE-2025-26666 – Windows Media Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26666
08 Apr 2025 — Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26666 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.0EPSS: %CPEs: 25EXPL: 0CVE-2025-26665 – Windows upnphost.dll Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-26665
08 Apr 2025 — Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26665 • CWE-591: Sensitive Data Storage in Improperly Locked Memory •
CVSS: 8.1EPSS: %CPEs: 25EXPL: 0CVE-2025-26663 – Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26663
08 Apr 2025 — Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26663 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2025-26645 – Remote Desktop Client Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-26645
11 Mar 2025 — Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26645 • CWE-23: Relative Path Traversal CWE-284: Improper Access Control •
CVSS: 7.0EPSS: 1%CPEs: 26EXPL: 0CVE-2025-26633 – Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
https://notcve.org/view.php?id=CVE-2025-26633
11 Mar 2025 — Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of MSC files. The product does not warn the user before loading an unexpected MSC file. An a... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26633 • CWE-707: Improper Neutralization •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24994 – Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24994
11 Mar 2025 — Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24994 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 4%CPEs: 26EXPL: 0CVE-2025-24993 – Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-24993
11 Mar 2025 — Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24993 • CWE-122: Heap-based Buffer Overflow •