CVE-2025-21247 MapUrlToZone Security Feature Bypass Vulnerability
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-24078 Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-26631 Visual Studio Code Elevation of Privilege Vulnerability
Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVE-2025-24071 Microsoft Windows File Explorer Spoofing Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-25008 Windows Server Elevation of Privilege Vulnerability
Improper link resolution before file access (‘link following’) in Microsoft Windows allows an authorized attacker to elevate privileges locally.
CVE-2025-24077 Microsoft Word Remote Code Execution Vulnerability
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-26630 Microsoft Access Remote Code Execution Vulnerability
Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.
CVE-2025-24067 Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
CVE-2025-25003 Visual Studio Elevation of Privilege Vulnerability
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-24070 ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
