Microsoft Windows_app

18 CVEs affecting Microsoft Windows_app. Latest disclosed: 2026-06-09. Critical: 0, High: 15.

Top CVEs affecting Microsoft Windows_app
CVESeverityScorePublishedSummary
CVE-2026-47289High8.82026-06-09Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42985High8.82026-06-09Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-58718High8.82025-10-14Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-48817High8.82025-07-08Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2025-29966High8.82025-05-13Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.
CVE-2025-26645High8.82025-03-11Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2024-49105High8.42024-12-12Remote Desktop Client Remote Code Execution Vulnerability
CVE-2025-27487High8.02025-04-08Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.
CVE-2020-0919High7.82020-04-15An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote…
CVE-2026-45639High7.52026-06-09Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.
CVE-2026-44801High7.52026-06-09Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44799High7.52026-06-09Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42992High7.52026-06-09Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42909High7.52026-06-09Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42908High7.52026-06-09Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.
CVE-2025-32715Medium6.52025-06-10Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.
CVE-2026-23656Medium5.92026-03-10Insufficient verification of data authenticity in Windows App Installer allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-21517Medium4.72026-02-10Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally.