| CVE-2025-62199 | Microsoft Office | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-60716 | DirectX Graphics Kernel | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60724 | GDI+ | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | Remote Code Execution |
| CVE-2025-62214 | Visual Studio | Improper neutralization of special elements used in a command (‘command injection’) in Visual Studio allows an authorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-30398 | Nuance PowerScribe 360 | Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network. | Information Disclosure |
| CVE-2025-59504 | Azure Monitor Agent | Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-59505 | Windows Smart Card Reader | Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-59506 | DirectX Graphics Kernel | Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows DirectX allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-59507 | Windows Speech Runtime | Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Speech allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-59508 | Windows Speech Recognition | Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Speech allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-59509 | Windows Speech Recognition | Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally. | Information Disclosure |
| CVE-2025-59510 | Windows Routing and Remote Access Service (RRAS) | Improper link resolution before file access (‘link following’) in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally. | Denial of Service |
| CVE-2025-59511 | Windows WLAN Service | External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-59512 | Customer Experience Improvement Program (CEIP) | Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-59513 | Windows Bluetooth RFCOM Protocol Driver | Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally. | Information Disclosure |
| CVE-2025-60703 | Windows Remote Desktop Services | Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60704 | Windows Kerberos | Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network. | Elevation of Privilege |
| CVE-2025-60705 | Windows Client-Side Caching | Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60706 | Windows Hyper-V | Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally. | Information Disclosure |
| CVE-2025-60707 | Multimedia Class Scheduler Service (MMCSS) Driver | Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60708 | Storvsp.sys Driver | Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally. | Denial of Service |
| CVE-2025-60709 | Windows Common Log File System Driver | Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60710 | Host Process for Windows Tasks | Improper link resolution before file access (‘link following’) in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60726 | Microsoft Excel | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | Information Disclosure |
| CVE-2025-60727 | Microsoft Excel | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-60728 | Microsoft Excel | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. | Information Disclosure |
| CVE-2025-62206 | Microsoft Dynamics 365 (On-Premises) | Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. | Information Disclosure |
| CVE-2025-62210 | Dynamics 365 Field Service (online) | Improper neutralization of input during web page generation (‘cross-site scripting’) in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. | Spoofing |
| CVE-2025-62216 | Microsoft Office | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-60719 | Windows Ancillary Function Driver for WinSock | Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60722 | Microsoft OneDrive for Android | Improper limitation of a pathname to a restricted directory (‘path traversal’) in OneDrive for Android allows an authorized attacker to elevate privileges over a network. | Elevation of Privilege |
| CVE-2025-62217 | Windows Ancillary Function Driver for WinSock | Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-62218 | Microsoft Wireless Provisioning System | Concurrent execution using shared resource with improper synchronization (‘race condition’) in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-62219 | Microsoft Wireless Provisioning System | Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-62220 | Windows Subsystem for Linux GUI | Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network. | Remote Code Execution |
| CVE-2025-62452 | Windows Routing and Remote Access Service (RRAS) | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | Remote Code Execution |
| CVE-2025-59240 | Microsoft Excel | Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | Information Disclosure |
| CVE-2025-47179 | Configuration Manager | Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-59514 | Microsoft Streaming Service Proxy | Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-59515 | Windows Broadcast DVR User Service | Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60713 | Windows Routing and Remote Access Service (RRAS) | Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60714 | Windows OLE | Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-60715 | Windows Routing and Remote Access Service (RRAS) | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | Remote Code Execution |
| CVE-2025-60717 | Windows Broadcast DVR User Service | Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60718 | Windows Administrator Protection | Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60720 | Windows Transport Driver Interface (TDI) Translation Driver | Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-60723 | DirectX Graphics Kernel | Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows DirectX allows an authorized attacker to deny service over a network. | Denial of Service |
| CVE-2025-62200 | Microsoft Excel | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-62201 | Microsoft Excel | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-62202 | Microsoft Excel | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | Information Disclosure |
| CVE-2025-62203 | Microsoft Excel | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-62204 | Microsoft SharePoint | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Remote Code Execution |
| CVE-2025-62205 | Microsoft Office | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | Remote Code Execution |
| CVE-2025-62208 | Windows License Manager | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | Information Disclosure |
| CVE-2025-62209 | Windows License Manager | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | Information Disclosure |
| CVE-2025-59499 | Microsoft SQL Server | Improper neutralization of special elements used in an SQL command (‘SQL injection’) in SQL Server allows an authorized attacker to elevate privileges over a network. | Elevation of Privilege |
| CVE-2025-62211 | Dynamics 365 Field Service (online) | Improper neutralization of input during web page generation (‘cross-site scripting’) in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. | Spoofing |
| CVE-2025-62215 | Windows Kernel | Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Kernel allows an authorized attacker to elevate privileges locally. (Zero-day, exploited) | Elevation of Privilege |
| CVE-2025-62213 | Windows Ancillary Function Driver for WinSock | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-62222 | Agentic AI and Visual Studio Code | Improper neutralization of special elements used in a command (‘command injection’) in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network. | Remote Code Execution |
| CVE-2025-62449 | Microsoft Visual Studio Code CoPilot Chat Extension | Improper limitation of a pathname to a restricted directory (‘path traversal’) in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally. | Security Feature Bypass |
| CVE-2025-60721 | Windows Administrator Protection | Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. | Elevation of Privilege |
| CVE-2025-62453 | GitHub Copilot and Visual Studio Code | Improper validation of generative AI output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally. | Security Feature Bypass |