Microsoft Windows Vulnerabilities

Fix Microsoft Windows on Windows Server

164 entries · Windows Server · Sorted by severity

Showing 1–164 of 164 results

	Severity	Title	CVE ID	CVSS	Exploit	Reboot	Script
Active exploitation	CRITICALCISA KEV	KB4022714: Windows Server 2012 R2 / 2016 Security Update (June 2017)Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2017-8543)Microsoft Windows	CVE-2017-8543	9.8	In the wild	Reboot Required	Script
Active exploitation	CRITICALCISA KEV	KB4558998: Windows Server 2019 / 2016 / 2012 R2 Security Update (July 2020)Microsoft Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350)Microsoft Windows	CVE-2020-1350	10.0	In the wild	Reboot Required	Script
Active exploitation	CRITICALCISA KEV	KB5070879: Windows Server 2019 / 2022 / 2025 +more Security Update (October 2025)Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability (CVE-2025-59287)Microsoft Windows	CVE-2025-59287	9.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4512578: Windows Server 2019 / 2016 / 2012 R2 Security Update (September 2019)Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability (CVE-2019-1214)Microsoft Windows	CVE-2019-1214	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4549949: Windows Server 2019 / 2016 / 2012 R2 Security Update (April 2020)Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability (CVE-2020-1020)Microsoft Windows	CVE-2020-1020	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB3176492: Windows Server 2012 R2 Security Update (August 2016)Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2016-3309)Microsoft Windows	CVE-2016-3309	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5053594: Windows Server 2019 / 2022 / 2025 +more Security Update (March 2025)Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability (CVE-2025-24985)Microsoft Windows	CVE-2025-24985	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Out-of-Bounds Write Vulnerability (CVE-2013-3918)Microsoft Windows	CVE-2013-3918	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Remote Code Execution Vulnerability (CVE-2011-3402)Microsoft Windows	CVE-2011-3402	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5012591: Windows Server 2019 / 2022 / 2016 +more Security Update (April 2022)Microsoft Windows User Profile Service Privilege Escalation Vulnerability (CVE-2022-26904)Microsoft Windows	CVE-2022-26904	7.0	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5032189: Windows Server 2022 / 2019 / 2016 +more Security Update (November 2023)Microsoft Windows Out-of-Bounds Read Vulnerability (CVE-2023-36424)Microsoft Windows	CVE-2023-36424	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability (CVE-2008-0015)Microsoft Windows	CVE-2008-0015	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows AppX Installer Spoofing Vulnerability (CVE-2021-43890)Microsoft Windows	CVE-2021-43890	7.1	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4549949: Windows Server 2019 / 2016 / 2012 R2 Security Update (April 2020)Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2020-1027)Microsoft Windows	CVE-2020-1027	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5003635: Windows Server Security Update (June 2021)Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability (CVE-2021-33739)Microsoft Windows	CVE-2021-33739	8.4	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5072014: Windows Server 2025 Security Update (November 2025)Microsoft Windows Link Following Vulnerability (CVE-2025-60710)Microsoft Windows	CVE-2025-60710	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5044273: Windows Server 2019 / 2022 / 2016 +more Security Update (October 2024)Microsoft Windows Management Console Remote Code Execution Vulnerability (CVE-2024-43572)Microsoft Windows	CVE-2024-43572	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5032189: Windows Server 2019 / 2022 / 2016 +more Security Update (November 2023)Microsoft Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-36025)Microsoft Windows	CVE-2023-36025	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5028166: Windows Server 2019 / 2022 / 2016 +more Security Update (July 2023)Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability (CVE-2023-36874)Microsoft Windows	CVE-2023-36874	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5019080: Windows Server 2019 / 2022 / 2016 +more Security Update (November 2022)Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability (CVE-2022-41125)Microsoft Windows	CVE-2022-41125	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability (CVE-2012-0151)Microsoft Windows	CVE-2012-0151	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5009543: Windows Server 2019 / 2022 / 2016 +more Security Update (January 2022)Microsoft Windows User Profile Service Privilege Escalation Vulnerability (CVE-2022-21919)Microsoft Windows	CVE-2022-21919	7.0	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2016-0040)Microsoft Windows	CVE-2016-0040	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability (CVE-2014-6332)Microsoft Windows	CVE-2014-6332	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4503267: Windows Server 2019 / 2016 Security Update (June 2019)Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability (CVE-2019-1064)Microsoft Windows	CVE-2019-1064	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability (CVE-2014-4114)Microsoft Windows	CVE-2014-4114	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Improper Input Validation Vulnerability (CVE-2009-1123)Microsoft Windows	CVE-2009-1123	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Privilege Escalation Vulnerability (CVE-2002-0367)Microsoft Windows	CVE-2002-0367	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Code Injection Vulnerability (CVE-2014-6352)Microsoft Windows	CVE-2014-6352	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4103712: Windows Server 2016 / 2012 R2 Security Update (May 2018)Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability (CVE-2018-8174)Microsoft Windows	CVE-2018-8174	7.5	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5003635: Windows Server 2019 / 2016 / 2012 R2 Security Update (June 2021)Microsoft Windows NTFS Privilege Escalation Vulnerability (CVE-2021-31956)Microsoft Windows	CVE-2021-31956	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4494440: Windows Server 2019 / 2016 / 2012 R2 Security Update (May 2019)Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability (CVE-2019-0863)Microsoft Windows	CVE-2019-0863	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5053594: Windows Server 2019 / 2022 / 2025 +more Security Update (March 2025)Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability (CVE-2025-24993)Microsoft Windows	CVE-2025-24993	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4471318: Windows Server 2016 / 2012 R2 / 2019 Security Update (December 2018)Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability (CVE-2018-8639)Microsoft Windows	CVE-2018-8639	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5012591: Windows Server 2019 / 2022 / 2016 +more Security Update (April 2022)Microsoft Windows CLFS Driver Privilege Escalation Vulnerability (CVE-2022-24521)Microsoft Windows	CVE-2022-24521	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5032189: Windows Server 2019 / 2022 Security Update (November 2023)Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability (CVE-2023-36033)Microsoft Windows	CVE-2023-36033	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5035845: Windows Server 2019 / 2022 / 2016 +more Security Update (March 2024)Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability (CVE-2024-26169)Microsoft Windows	CVE-2024-26169	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB3185330: Windows Server 2012 R2 Security Update (October 2016)Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability (CVE-2016-3393)Microsoft Windows	CVE-2016-3393	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5039211: Windows Server 2019 / 2022 / 2016 Security Update (June 2024)Microsoft Windows Kernel TOCTOU Race Condition Vulnerability (CVE-2024-30088)Microsoft Windows	CVE-2024-30088	7.0	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5042880: Windows Server 2019 / 2022 / 2016 +more Security Update (September 2024)Microsoft Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43461)Microsoft Windows	CVE-2024-43461	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5005030: Windows Server 2019 Security Update (August 2021)Microsoft Windows Update Medic Service Privilege Escalation Vulnerability (CVE-2021-36948)Microsoft Windows	CVE-2021-36948	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5008206: Windows Server 2019 / 2022 / 2016 +more Security Update (December 2021)Microsoft Windows Privilege Escalation Vulnerability (CVE-2021-43226)Microsoft Windows	CVE-2021-43226	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4523205: Windows Server 2019 / 2016 / 2012 R2 Security Update (November 2019)Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability (CVE-2019-1405)Microsoft Windows	CVE-2019-1405	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4565349: Windows Server 2019 / 2016 / 2012 R2 Security Update (August 2020)Microsoft Windows Spoofing Vulnerability (CVE-2020-1464)Microsoft Windows	CVE-2020-1464	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5005030: Windows Server 2019 / 2016 / 2012 R2 Security Update (August 2021)Microsoft Windows User Profile Service Privilege Escalation Vulnerability (CVE-2021-34484)Microsoft Windows	CVE-2021-34484	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability (CVE-2010-4398)Microsoft Windows	CVE-2010-4398	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5003635: Windows Server 2019 / 2016 / 2012 R2 Security Update (June 2021)Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability (CVE-2021-33742)Microsoft Windows	CVE-2021-33742	7.5	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4011981: Windows Server Security Update (March 2017)Microsoft Windows Transaction Manager Privilege Escalation Vulnerability (CVE-2017-0101)Microsoft Windows	CVE-2017-0101	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5034763: Windows Server 2022 / 2019 Security Update (February 2024)Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability (CVE-2024-21412)Microsoft Windows	CVE-2024-21412	8.1	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5005030: Windows Server 2019 Security Update (August 2021)Microsoft Windows Event Tracing Privilege Escalation Vulnerability (CVE-2021-34486)Microsoft Windows	CVE-2021-34486	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5041160: Windows Server 2019 / 2022 / 2016 +more Security Update (August 2024)Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability (CVE-2024-38193)Microsoft Windows	CVE-2024-38193	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Remote Code Execution Vulnerability (CVE-2010-2568)Microsoft Windows	CVE-2010-2568	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5019080: Windows Server 2019 / 2022 / 2016 +more Security Update (November 2022)Microsoft Windows Scripting Languages Remote Code Execution Vulnerability (CVE-2022-41128)Microsoft Windows	CVE-2022-41128	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability (CVE-2015-2426)Microsoft Windows	CVE-2015-2426	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5034763: Windows Server 2019 / 2022 / 2016 Security Update (February 2024)Microsoft Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2024-21351)Microsoft Windows	CVE-2024-21351	7.6	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4586781: Windows Server 2019 / 2016 / 2012 R2 Security Update (November 2020)Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2020-17087)Microsoft Windows	CVE-2020-17087	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5066586: Windows Server 2019 / 2022 / 2025 +more Security Update (October 2025)Microsoft Windows Untrusted Pointer Dereference Vulnerability (CVE-2025-24990)Microsoft Windows	CVE-2025-24990	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5049981: Windows Server 2025 / 2022 Security Update (January 2025)Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability (CVE-2025-21335)Microsoft Windows	CVE-2025-21335	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5060118: Windows Server 2019 / 2022 / 2025 +more Security Update (June 2025)Microsoft Windows External Control of File Name or Path Vulnerability (CVE-2025-33053)Microsoft Windows	CVE-2025-33053	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5042880: Windows Server 2019 / 2022 / 2016 +more Security Update (September 2024)Microsoft Windows Installer Improper Privilege Management Vulnerability (CVE-2024-38014)Microsoft Windows	CVE-2024-38014	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5041160: Windows Server 2019 / 2022 / 2016 +more Security Update (August 2024)Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability (CVE-2024-38107)Microsoft Windows	CVE-2024-38107	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5018410: Windows Server 2019 / 2022 / 2016 +more Security Update (October 2022)Microsoft Windows Print Spooler Privilege Escalation Vulnerability (CVE-2022-38028)Microsoft Windows	CVE-2022-38028	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5040431: Windows Server 2022 Security Update (July 2024)Microsoft Windows Hyper-V Privilege Escalation Vulnerability (CVE-2024-38080)Microsoft Windows	CVE-2024-38080	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4012212: Windows Server 2016 / 2012 R2 Security Update (March 2017)Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability (CVE-2017-0005)Microsoft Windows	CVE-2017-0005	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4457128: Windows Server 2016 / 2012 R2 Security Update (September 2018)Microsoft Windows Privilege Escalation Vulnerability (CVE-2018-8440)Microsoft Windows	CVE-2018-8440	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5032189: Windows Server 2019 / 2022 / 2016 +more Security Update (November 2023)Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability (CVE-2023-36036)Microsoft Windows	CVE-2023-36036	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4512578: Windows Server 2019 Security Update (September 2019)Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability (CVE-2019-1253)Microsoft Windows	CVE-2019-1253	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows TS WebProxy Directory Traversal Vulnerability (CVE-2015-0016)Microsoft Windows	CVE-2015-0016	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5040426: Windows Server 2016 / 2012 R2 / 2022 +more Security Update (July 2024)Microsoft Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-38112)Microsoft Windows	CVE-2024-38112	7.5	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB3150220: Windows Server Security Update (May 2016)Microsoft Windows Media Center Remote Code Execution Vulnerability (CVE-2016-0185)Microsoft Windows	CVE-2016-0185	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Remote Code Execution Vulnerability (CVE-2014-4148)Microsoft Windows	CVE-2014-4148	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4471318: Windows Server 2019 / 2016 / 2012 R2 Security Update (December 2018)Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2018-8611)Microsoft Windows	CVE-2018-8611	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4507435: Windows Server 2019 / 2016 / 2012 R2 Security Update (July 2019)Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability (CVE-2019-1130)Microsoft Windows	CVE-2019-1130	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5022834: Windows Server 2019 / 2022 / 2016 +more Security Update (February 2023)Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability (CVE-2023-23376)Microsoft Windows	CVE-2023-23376	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5005030: Windows Server 2019 / 2016 / 2012 R2 Security Update (August 2021)Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability (CVE-2021-36942)Microsoft Windows	CVE-2021-36942	7.5	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2013-5065)Microsoft Windows	CVE-2013-5065	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4012212: Windows Server 2012 R2 / 2016 Security Update (March 2017)Microsoft Windows SMB Remote Code Execution Vulnerability (CVE-2017-0146)Microsoft Windows	CVE-2017-0146	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5022282: Windows Server 2019 / 2022 / 2016 +more Security Update (January 2023)Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability (CVE-2023-21674)Microsoft Windows	CVE-2023-21674	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Kernel Exception Handler Vulnerability (CVE-2010-0232)Microsoft Windows	CVE-2010-0232	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4517389: Windows Server 2019 / 2016 / 2012 R2 Security Update (October 2019)Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability (CVE-2019-1315)Microsoft Windows	CVE-2019-1315	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5025221: Windows Server 2019 / 2022 / 2016 +more Security Update (April 2023)Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability (CVE-2023-28252)Microsoft Windows	CVE-2023-28252	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5053594: Windows Server 2019 / 2022 / 2025 +more Security Update (March 2025)Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability (CVE-2025-26633)Microsoft Windows	CVE-2025-26633	7.0	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5006667: Windows Server 2019 / 2022 / 2016 +more Security Update (October 2021)Microsoft Windows Win32k Privilege Escalation Vulnerability (CVE-2021-40449)Microsoft Windows	CVE-2021-40449	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability (CVE-2016-0099)Microsoft Windows	CVE-2016-0099	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4012212: Windows Server 2012 R2 / 2016 Security Update (March 2017)Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability (CVE-2017-0143)Microsoft Windows	CVE-2017-0143	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5028166: Windows Server 2019 / 2022 / 2016 +more Security Update (July 2023)Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability (CVE-2023-32046)Microsoft Windows	CVE-2023-32046	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5039211: Windows Server 2019 / 2022 / 2016 +more Security Update (June 2024)Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability (CVE-2024-35250)Microsoft Windows	CVE-2024-35250	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5041160: Windows Server 2019 / 2022 / 2016 +more Security Update (August 2024)Microsoft Windows Scripting Engine Memory Corruption Vulnerability (CVE-2024-38178)Microsoft Windows	CVE-2024-38178	7.5	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability (CVE-2014-1812)Microsoft Windows	CVE-2014-1812	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Remote Code Execution Vulnerability (CVE-2015-1671)Microsoft Windows	CVE-2015-1671	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5010342: Windows Server 2019 / 2022 / 2016 +more Security Update (February 2022)Microsoft Windows Print Spooler Privilege Escalation Vulnerability (CVE-2022-22718)Microsoft Windows	CVE-2022-22718	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5005565: Windows Server 2019 / 2022 / 2016 +more Security Update (September 2021)Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability (CVE-2021-36955)Microsoft Windows	CVE-2021-36955	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4512578: Windows Server 2019 / 2016 / 2012 R2 Security Update (September 2019)Microsoft Windows Privilege Escalation Vulnerability (CVE-2019-1215)Microsoft Windows	CVE-2019-1215	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5019080: Windows Server 2019 / 2022 / 2016 +more Security Update (November 2022)Microsoft Windows Print Spooler Privilege Escalation Vulnerability (CVE-2022-41073)Microsoft Windows	CVE-2022-41073	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4493441: Windows Server 2019 Security Update (April 2019)Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability (CVE-2019-0841)Microsoft Windows	CVE-2019-0841	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5049981: Windows Server 2025 / 2022 Security Update (January 2025)Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability (CVE-2025-21334)Microsoft Windows	CVE-2025-21334	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4517389: Windows Server 2019 Security Update (October 2019)Microsoft Windows Privilege Escalation Vulnerability (CVE-2019-1322)Microsoft Windows	CVE-2019-1322	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4528760: Windows Server 2019 / 2016 Security Update (January 2020)Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)Microsoft Windows	CVE-2020-0601	8.1	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5049981: Windows Server 2025 / 2022 Security Update (January 2025)Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability (CVE-2025-21333)Microsoft Windows	CVE-2025-21333	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Privilege Escalation Vulnerability (CVE-2004-0210)Microsoft Windows	CVE-2004-0210	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4556799: Windows Server 2019 / 2016 / 2012 R2 Security Update (June 2020)Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2020-0986)Microsoft Windows	CVE-2020-0986	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4507435: Windows Server 2019 Security Update (July 2019)Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability (CVE-2019-1129)Microsoft Windows	CVE-2019-1129	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5010342: Windows Server 2019 / 2022 Security Update (February 2022)Microsoft Windows Runtime Remote Code Execution Vulnerability (CVE-2022-21971)Microsoft Windows	CVE-2022-21971	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5041160: Windows Server 2019 / 2022 / 2016 Security Update (August 2024)Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2024-38106)Microsoft Windows	CVE-2024-38106	7.0	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4507435: Windows Server 2019 / 2016 / 2012 R2 Security Update (July 2019)Microsoft Windows Privilege Escalation Vulnerability (CVE-2019-0880)Microsoft Windows	CVE-2019-0880	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB3197867: Windows Server 2016 / 2012 R2 Security Update (November 2016)Microsoft Windows Open Type Font Remote Code Execution Vulnerability (CVE-2016-7256)Microsoft Windows	CVE-2016-7256	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5066586: Windows Server 2019 / 2022 / 2025 +more Security Update (October 2025)Microsoft Windows Improper Access Control Vulnerability (CVE-2025-59230)Microsoft Windows	CVE-2025-59230	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5075897: Windows Server 2019 / 2022 / 2025 +more Security Update (February 2026)Microsoft Windows Shell Protection Mechanism Failure Vulnerability (CVE-2026-21510)Microsoft Windows	CVE-2026-21510	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5075897: Windows Server 2022 / 2019 / 2025 +more Security Update (February 2026)Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability (CVE-2026-21513)Microsoft Windows	CVE-2026-21513	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5075897: Windows Server 2019 / 2022 / 2025 +more Security Update (February 2026)Microsoft Windows Type Confusion Vulnerability (CVE-2026-21519)Microsoft Windows	CVE-2026-21519	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5071413: Windows Server 2025 / 2022 / 2019 Security Update (December 2025)Microsoft Windows Use After Free Vulnerability (CVE-2025-62221)Microsoft Windows	CVE-2025-62221	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5068779: Windows Server 2019 / 2022 / 2025 Security Update (November 2025)Microsoft Windows Race Condition Vulnerability (CVE-2025-62215)Microsoft Windows	CVE-2025-62215	7.0	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5055518: Windows Server 2019 / 2022 / 2025 +more Security Update (April 2025)Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability (CVE-2025-29824)Microsoft Windows	CVE-2025-29824	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5053594: Windows Server 2016 / 2012 R2 Security Update (March 2025)Microsoft Windows Win32k Use-After-Free Vulnerability (CVE-2025-24983)Microsoft Windows	CVE-2025-24983	7.0	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5048652: Windows Server 2019 / 2022 / 2025 +more Security Update (December 2024)Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability (CVE-2024-49138)Microsoft Windows	CVE-2024-49138	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4523205: Windows Server 2019 / 2016 / 2012 R2 Security Update (November 2019)Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability (CVE-2019-1388)Microsoft Windows	CVE-2019-1388	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5022834: Windows Server 2019 / 2022 / 2016 +more Security Update (February 2023)Microsoft Windows Graphic Component Privilege Escalation Vulnerability (CVE-2023-21823)Microsoft Windows	CVE-2023-21823	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5015807: Windows Server 2019 / 2022 / 2016 +more Security Update (July 2022)Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability (CVE-2022-22047)Microsoft Windows	CVE-2022-22047	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5013941: Windows Server 2019 / 2022 / 2016 +more Security Update (May 2022)Microsoft Windows LSA Spoofing Vulnerability (CVE-2022-26925)Microsoft Windows	CVE-2022-26925	8.1	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5010342: Windows Server 2019 / 2022 / 2016 +more Security Update (February 2022)Microsoft Windows Print Spooler Privilege Escalation Vulnerability (CVE-2022-21999)Microsoft Windows	CVE-2022-21999	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5003635: Windows Server 2019 / 2016 / 2012 R2 Security Update (June 2021)Microsoft Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-1675)Microsoft Windows	CVE-2021-1675	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5051974: Windows Server 2019 / 2022 / 2025 +more Security Update (February 2025)Microsoft Windows Storage Link Following Vulnerability (CVE-2025-21391)Microsoft Windows	CVE-2025-21391	7.1	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5046612: Windows Server 2025 / 2019 / 2022 +more Security Update (November 2024)Microsoft Windows Task Scheduler Privilege Escalation Vulnerability (CVE-2024-49039)Microsoft Windows	CVE-2024-49039	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4018556: Windows Server 2012 R2 / 2016 Security Update (May 2017)Microsoft Windows Privilege Escalation Vulnerability (CVE-2017-0213)Microsoft Windows	CVE-2017-0213	7.3	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4480116: Windows Server 2019 / 2016 / 2012 R2 Security Update (January 2019)Microsoft Windows Privilege Escalation Vulnerability (CVE-2019-0543)Microsoft Windows	CVE-2019-0543	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4532691: Windows Server 2019 / 2016 / 2012 R2 Security Update (February 2020)Microsoft Windows Installer Privilege Escalation Vulnerability (CVE-2020-0683)Microsoft Windows	CVE-2020-0683	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5004237: Windows Server 2019 / 2016 / 2012 R2 Security Update (July 2021)Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2021-31979)Microsoft Windows	CVE-2021-31979	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5060118: Windows Server 2019 / 2022 / 2025 +more Security Update (June 2025)Microsoft Windows SMB Client Improper Access Control Vulnerability (CVE-2025-33073)Microsoft Windows	CVE-2025-33073	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5051974: Windows Server 2019 / 2022 / 2025 +more Security Update (February 2025)Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability (CVE-2025-21418)Microsoft Windows	CVE-2025-21418	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4549949: Windows Server 2019 / 2016 / 2012 R2 Security Update (April 2020)Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability (CVE-2020-0938)Microsoft Windows	CVE-2020-0938	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5017305: Windows Server 2019 / 2022 / 2016 +more Security Update (September 2022)Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability (CVE-2022-37969)Microsoft Windows	CVE-2022-37969	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5028166: Windows Server 2019 / 2022 / 2016 Security Update (July 2023)Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability (CVE-2023-32049)Microsoft Windows	CVE-2023-32049	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5034763: Windows Server 2019 / 2022 Security Update (February 2024)Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability (CVE-2024-21338)Microsoft Windows	CVE-2024-21338	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5016616: Windows Server 2019 / 2022 / 2016 +more Security Update (August 2022)Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (CVE-2022-34713)Microsoft Windows	CVE-2022-34713	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4021903: Windows Server 2012 R2 / 2016 Security Update (June 2017)Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability (CVE-2017-8464)Microsoft Windows	CVE-2017-8464	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5075897: Windows Server 2019 / 2022 / 2025 +more Security Update (February 2026)Microsoft Windows Improper Privilege Management Vulnerability (CVE-2026-21533)Microsoft Windows	CVE-2026-21533	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4101477: Windows Server 2016 / 2012 R2 Security Update (May 2018)Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability (CVE-2018-0824)Microsoft Windows	CVE-2018-0824	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4523205: Windows Server 2019 Security Update (November 2019)Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability (CVE-2019-1385)Microsoft Windows	CVE-2019-1385	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2015-6175)Microsoft Windows	CVE-2015-6175	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5004237: Windows Server 2019 / 2016 / 2012 R2 Security Update (July 2021)Microsoft Windows Kernel Privilege Escalation Vulnerability (CVE-2021-33771)Microsoft Windows	CVE-2021-33771	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5029242: Windows Server 2019 / 2022 / 2016 +more Security Update (July 2023)Microsoft Windows Search Remote Code Execution Vulnerability (CVE-2023-36884)Microsoft Windows	CVE-2023-36884	7.5	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4538461: Windows Server 2019 / 2016 / 2012 R2 Security Update (March 2020)Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability (CVE-2020-0787)Microsoft Windows	CVE-2020-0787	7.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB4343885: Windows Server Security Update (August 2018)Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414)Microsoft Windows	CVE-2018-8414	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5037763: Windows Server 2019 / 2022 / 2016 Security Update (May 2024)Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040)Microsoft Windows	CVE-2024-30040	8.8	In the wild	Reboot Required	Script
Active exploitation	HIGHCISA KEV	KB5005030: Windows Server Security Update (July 2021)Microsoft Windows SAM Local Privilege Escalation Vulnerability (CVE-2021-36934)Microsoft Windows	CVE-2021-36934	7.8	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5004237: Windows Server 2019 / 2016 / 2012 R2 Security Update (July 2021)Microsoft Windows Scripting Engine Memory Corruption Vulnerability (CVE-2021-34448)Microsoft Windows	CVE-2021-34448	6.8	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5053594: Windows Server 2019 / 2022 / 2025 +more Security Update (March 2025)Microsoft Windows NTFS Information Disclosure Vulnerability (CVE-2025-24984)Microsoft Windows	CVE-2025-24984	4.6	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5042880: Windows Server 2019 / 2022 / 2016 +more Security Update (September 2024)Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability (CVE-2024-38217)Microsoft Windows	CVE-2024-38217	5.4	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	Microsoft Windows Mount Manager Privilege Escalation Vulnerability (CVE-2015-1769)Microsoft Windows	CVE-2015-1769	6.6	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5053594: Windows Server 2019 / 2022 / 2025 +more Security Update (March 2025)Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability (CVE-2025-24054)Microsoft Windows	CVE-2025-24054	6.5	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5046612: Windows Server 2025 / 2019 / 2022 +more Security Update (November 2024)Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability (CVE-2024-43451)Microsoft Windows	CVE-2024-43451	6.5	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5019080: Windows Server 2019 / 2022 / 2016 Security Update (November 2022)Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability (CVE-2022-41049)Microsoft Windows	CVE-2022-41049	5.4	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5003635: Windows Server 2019 Security Update (June 2021)Microsoft Windows Kernel Information Disclosure Vulnerability (CVE-2021-31955)Microsoft Windows	CVE-2021-31955	5.5	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB4489868: Windows Server 2016 / 2012 R2 / 2019 Security Update (April 2019)Microsoft Windows SMB Information Disclosure Vulnerability (CVE-2019-0703)Microsoft Windows	CVE-2019-0703	6.5	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5023696: Windows Server 2019 / 2022 / 2016 Security Update (March 2023)Microsoft Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-24880)Microsoft Windows	CVE-2023-24880	4.4	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5031354: Windows Server 2019 / 2022 / 2016 +more Security Update (October 2023)Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability (CVE-2023-36584)Microsoft Windows	CVE-2023-36584	5.4	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5039211: Windows Server 2019 / 2022 / 2016 +more Security Update (August 2024)Microsoft Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2024-38213)Microsoft Windows	CVE-2024-38213	6.5	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5007186: Windows Server 2019 / 2022 / 2016 +more Security Update (November 2021)Microsoft Windows Installer Privilege Escalation Vulnerability (CVE-2021-41379)Microsoft Windows	CVE-2021-41379	5.5	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5082052: Windows Server 2019 / 2022 / 2025 +more Security Update (April 2026)Microsoft Windows Protection Mechanism Failure Vulnerability (CVE-2026-32202)Microsoft Windows	CVE-2026-32202	4.3	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5075897: Windows Server 2019 / 2022 / 2025 +more Security Update (February 2026)Microsoft Windows NULL Pointer Dereference Vulnerability (CVE-2026-21525)Microsoft Windows	CVE-2026-21525	6.2	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5073379: Windows Server 2019 / 2022 / 2025 +more Security Update (January 2026)Microsoft Windows Information Disclosure Vulnerability (CVE-2026-20805)Microsoft Windows	CVE-2026-20805	5.5	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5053594: Windows Server 2019 / 2022 / 2025 +more Security Update (March 2025)Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability (CVE-2025-24991)Microsoft Windows	CVE-2025-24991	5.5	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5019080: Windows Server 2019 / 2022 / 2016 Security Update (November 2022)Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability (CVE-2022-41091)Microsoft Windows	CVE-2022-41091	5.4	In the wild	Reboot Required	Script
Active exploitation	MEDIUMCISA KEV	KB5044273: Windows Server 2022 / 2019 / 2016 +more Security Update (October 2024)Microsoft Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43573)Microsoft Windows	CVE-2024-43573	6.5	In the wild	Reboot Required	Script