7.8
CVE-2025-27731 - Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability
Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-27728 - Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Out-of-bounds read in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-27729 - Windows Shell Remote Code Execution Vulnerability
Use after free in Windows Shell allows an unauthorized attacker to execute code locally.
7.8
CVE-2025-27727 - Windows Installer Elevation of Privilege Vulnerability
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
7.8
CVE-2025-27490 - Windows Bluetooth Service Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
7.1
CVE-2025-27491 - Windows Hyper-V Remote Code Execution Vulnerability
Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.
7
CVE-2025-27492 - Windows Secure Channel Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
7.5
CVE-2025-27486 - Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
7.8
CVE-2025-27489 - Azure Local Elevation of Privilege Vulnerability
Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.
8
CVE-2025-27487 - Remote Desktop Client Remote Code Execution Vulnerability
Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.