本ページは microsoft windows_11_24H2 に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-58598 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Backup Engine allows an authorized attacker to elevate privileges locally. | [email protected] | 7.0 | — | 2026-07-16 | 2026-07-16 |
| CVE-2026-58638 | Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally. | [email protected] | 6.0 | 0.23% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58637 | Use after free in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. | [email protected] | 7.0 | 0.23% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58632 | Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.30% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58629 | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | [email protected] | 7.0 | 0.23% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58628 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Wireless Networking allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.19% | 2026-07-14 | 2026-07-17 |
| CVE-2026-58626 | Use after free in Windows Remote Desktop Services allows an authorized attacker to execute code over a network. | [email protected] | 8.8 | 0.85% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58619 | Use after free in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally. | [email protected] | 7.0 | 0.23% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58613 | Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.30% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58594 | Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network. | [email protected] | 8.8 | 0.78% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58547 | Heap-based buffer overflow in Universal Plug and Play (upnp.dll) allows an authorized attacker to elevate privileges locally. | [email protected] | 5.5 | 0.36% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58546 | Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network. | [email protected] | 6.5 | 0.51% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58545 | Improper access control in Windows Kernel allows an authorized attacker to bypass a security feature locally. | [email protected] | 5.5 | 0.25% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58544 | Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. | [email protected] | 7.0 | 0.23% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58543 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges with a physical attack. | [email protected] | 6.3 | 0.17% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58542 | Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally. | [email protected] | 7.8 | 0.45% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58541 | Access of resource using incompatible type ('type confusion') in Windows DWM allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.30% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58540 | Improper authorization in Windows Installer allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.28% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58539 | Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. | [email protected] | 6.5 | 0.89% | 2026-07-14 | 2026-07-16 |
| CVE-2026-58538 | Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 0.32% | 2026-07-14 | 2026-07-16 |