microsoft windows_server_2025 の CVE（1,205 件）

CVE 件数: 1,205 CPE versions: View versions table

概要

本ページは microsoft windows_server_2025 に影響する公開済み CVE（NVD の CPE 経由で関連付け）を列挙します。各行に深刻度指標・概要・公開日が含まれます。

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2026-45585	Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be implemented to protect against this vulnerability until the security update is made available.	[email protected]	6.8	0.08%	2026-05-20	2026-05-20
CVE-2026-42896	Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.	[email protected]	7.8	0.06%	2026-05-12	2026-05-14
CVE-2026-42825	Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.	[email protected]	7.0	0.04%	2026-05-12	2026-05-14
CVE-2026-41097	Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.	[email protected]	6.7	0.26%	2026-05-12	2026-05-15
CVE-2026-41096	Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.	[email protected]	9.8	0.04%	2026-05-12	2026-05-15
CVE-2026-41095	Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.	[email protected]	7.8	0.04%	2026-05-12	2026-05-15
CVE-2026-41089	Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.	[email protected]	9.8	0.09%	2026-05-12	2026-05-15
CVE-2026-41088	Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.	[email protected]	7.8	0.07%	2026-05-12	2026-06-01
CVE-2026-40415	Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.	[email protected]	8.1	0.09%	2026-05-12	2026-05-15
CVE-2026-40414	Windows TCP/IP Denial of Service Vulnerability	[email protected]	7.4	0.14%	2026-05-12	2026-06-01
CVE-2026-40413	Windows TCP/IP Denial of Service Vulnerability	[email protected]	7.4	0.14%	2026-05-12	2026-06-01
CVE-2026-40410	Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.	[email protected]	7.0	0.04%	2026-05-12	2026-05-15
CVE-2026-40408	Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.	[email protected]	7.8	0.04%	2026-05-12	2026-05-15
CVE-2026-40407	Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.	[email protected]	7.8	0.04%	2026-05-12	2026-05-15
CVE-2026-40406	Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.	[email protected]	7.5	0.06%	2026-05-12	2026-05-15
CVE-2026-40405	Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network.	[email protected]	7.5	0.15%	2026-05-12	2026-05-15
CVE-2026-40403	Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.	[email protected]	8.8	0.02%	2026-05-12	2026-05-15
CVE-2026-40401	Windows TCP/IP Denial of Service Vulnerability	[email protected]	7.1	0.05%	2026-05-12	2026-06-01
CVE-2026-40399	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.	[email protected]	7.8	0.05%	2026-05-12	2026-06-01
CVE-2026-40398	Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.	[email protected]	7.8	0.04%	2026-05-12	2026-05-15

cvelogic Threat Intelligence