Microsoft Windows_11_22h2
11 CVEs affecting Microsoft Windows_11_22h2. Latest disclosed: 2026-04-14. Critical: 2, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-53766 | Critical | 9.8 | 2025-08-12 | Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. |
CVE-2023-38545 | Critical | 9.8 | 2023-10-18 | This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow t… |
CVE-2025-30388 | High | 7.8 | 2025-05-13 | Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. |
CVE-2025-21338 | High | 7.8 | 2025-01-14 | GDI+ Remote Code Execution Vulnerability |
CVE-2024-38250 | High | 7.8 | 2024-09-10 | Windows Graphics Component Elevation of Privilege Vulnerability |
CVE-2026-33116 | High | 7.5 | 2026-04-14 | Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network. |
CVE-2026-23666 | High | 7.5 | 2026-04-14 | Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network. |
CVE-2025-26687 | High | 7.5 | 2025-04-08 | Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. |
CVE-2023-44487 | High | 7.5 | 2023-10-10 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the w… |
CVE-2023-29335 | High | 7.5 | 2023-05-09 | Microsoft Word Security Feature Bypass Vulnerability |
CVE-2025-53799 | Medium | 5.5 | 2025-09-09 | Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally. |