Microsoft: >> Windows Server 2022 >> 10.0.20348.2402 Security Vulnerabilities
CVE-2026-21525
Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.
Known exploited
CVSS Score
6.2
EPSS Score
0.037
Published
2026-02-10
Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-02-10
CVE-2026-21510
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
Known exploited
CVSS Score
8.8
EPSS Score
0.042
Published
2026-02-10
Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-02-10
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-10
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-02-10
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-02-10
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.
CVSS Score
3.3
EPSS Score
0.0
Published
2026-02-10
Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-10
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-02-10