Microsoft: >> Windows Server 2025 >> 10.0.26100.2605 Security Vulnerabilities
External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-03-10
Out-of-bounds read in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-10
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-10
Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-03-10
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-03-10
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.0
Published
2026-03-10
CVE-2026-21533
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Known exploited
CVSS Score
7.8
EPSS Score
0.031
Published
2026-02-10
CVE-2026-21519
Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
Known exploited
CVSS Score
7.8
EPSS Score
0.036
Published
2026-02-10
CVE-2026-21525
Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.
Known exploited
CVSS Score
6.2
EPSS Score
0.037
Published
2026-02-10
Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-02-10