7
CVE-2025-26640 - Windows Digital Media Elevation of Privilege Vulnerability
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-26642 - Microsoft Office Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
6.8
CVE-2025-26637 - BitLocker Security Feature Bypass Vulnerability
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
6.5
CVE-2025-26635 - Windows Hello Security Feature Bypass Vulnerability
Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.
7.8
CVE-2025-26639 - Windows USB Print Driver Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.
7.3
CVE-2025-26628 - Azure Local Cluster Information Disclosure Vulnerability
Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally.
6.8
CVE-2025-25002 - Azure Local Cluster Information Disclosure Vulnerability
Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.
7.8
CVE-2025-24058 - Windows DWM Core Library Elevation of Privilege Vulnerability
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
8.8
CVE-2025-21222 - Windows Telephony Service Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
8.8
CVE-2025-21221 - Windows Telephony Service Remote Code Execution Vulnerability
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.