Lösungen für:
Privatanwender
Unternehmen
Unternehmen
Unternehmen
Schwachstellen Bedrohungen
Home Schwachstellen

Multiple vulnerabilities in Microsoft Windows

Kaspersky ID:
KLA91040
Erkennungsdatum:
05/12/2026
Aktualisiert:
05/13/2026

Beschreibung

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in Windows TCP/IP can be exploited remotely to cause denial of service.
  2. An elevation of privilege vulnerability in Data Deduplication can be exploited remotely to gain privileges.
  3. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
  4. An elevation of privilege vulnerability can be exploited to gain privileges.
  5. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
  6. An elevation of privilege vulnerability in Windows Storage Spaces Controller can be exploited remotely to gain privileges.
  7. An elevation of privilege vulnerability in Windows Application Identity (AppID) Subsystem can be exploited remotely to gain privileges.
  8. A remote code execution vulnerability in Windows DNS Client can be exploited remotely to execute arbitrary code.
  9. A security feature bypass vulnerability in Windows Filtering Platform (WFP) can be exploited remotely to bypass security restrictions.
  10. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  11. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  12. An elevation of privilege vulnerability in Windows Projected File System can be exploited remotely to gain privileges.
  13. A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
  14. A remote code execution vulnerability in Windows Native WiFi Miniport Driver can be exploited remotely to execute arbitrary code.
  15. An elevation of privilege vulnerability in Windows TCP/IP Local can be exploited remotely to gain privileges.
  16. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
  17. Out-of-bounds read in Windows DWM Core Library can be exploited remotely to obtain sensitive information.
  18. An elevation of privilege vulnerability in Windows Telephony Service can be exploited remotely to gain privileges.
  19. A remote code execution vulnerability in Windows Kernel-Mode Driver can be exploited remotely to execute arbitrary code.
  20. An information disclosure vulnerability in Windows TCP/IP can be exploited remotely to obtain sensitive information.
  21. An elevation of privilege vulnerability in Windows Remote Desktop Services can be exploited remotely to gain privileges.
  22. An elevation of privilege vulnerability in Windows Admin Center can be exploited remotely to gain privileges.
  23. Buffer over-read in Windows DWM Core Library can be exploited remotely to obtain sensitive information.
  24. An elevation of privilege vulnerability in Windows TCP/IP can be exploited remotely to gain privileges.
  25. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  26. An elevation of privilege vulnerability in Windows Rich Text Edit can be exploited remotely to gain privileges.
  27. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
  28. A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
  29. A security feature bypass vulnerability in Windows TCP/IP Driver can be exploited remotely to bypass security restrictions.
  30. A remote code execution vulnerability in Windows GDI can be exploited remotely to execute arbitrary code.
  31. An elevation of privilege vulnerability in Windows Link-Layer Discovery Protocol (LLDP) can be exploited remotely to gain privileges.
  32. An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
  33. A remote code execution vulnerability in Windows Netlogon can be exploited remotely to execute arbitrary code.
  34. A denial of service vulnerability in Internet Key Exchange (IKE) Protocol can be exploited remotely to cause denial of service.
  35. A security feature bypass vulnerability in Secure Boot can be exploited remotely to bypass security restrictions.
  36. An elevation of privilege vulnerability in Microsoft Cryptographic Services can be exploited remotely to gain privileges.
  37. An elevation of privilege vulnerability in Windows Message Queuing (MSMQ) can be exploited remotely to gain privileges.
  38. An information disclosure vulnerability in Windows 11 Telnet Client can be exploited remotely to obtain sensitive information.
  39. An elevation of privilege vulnerability in Windows Event Logging Service can be exploited remotely to gain privileges.
  40. A remote code execution vulnerability in Windows TCP/IP can be exploited remotely to execute arbitrary code.
  41. An elevation of privilege vulnerability in Windows WAN ARP Driver can be exploited remotely to gain privileges.
  42. A remote code execution vulnerability in Windows Volume Manager Extension Driver can be exploited remotely to execute arbitrary code.
  43. A denial of service vulnerability in Windows Storport Miniport Driver can be exploited remotely to cause denial of service.
  44. An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
  45. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
  46. An elevation of privilege vulnerability in Windows SMB Client can be exploited remotely to gain privileges.

Ursprüngliche Informationshinweise

Betroffene Produkte

CVE Liste

  • CVE-2026-21530
    high
  • CVE-2026-32161
    critical
  • CVE-2026-32170
    high
  • CVE-2026-32209
    warning
  • CVE-2026-33834
    critical
  • CVE-2026-33835
    critical
  • CVE-2026-33837
    critical
  • CVE-2026-33838
    critical
  • CVE-2026-33839
    high
  • CVE-2026-33840
    critical
  • CVE-2026-33841
    critical
  • CVE-2026-34329
    critical
  • CVE-2026-34330
    critical
  • CVE-2026-34331
    high
  • CVE-2026-34332
    critical
  • CVE-2026-34333
    critical
  • CVE-2026-34334
    critical
  • CVE-2026-34336
    critical
  • CVE-2026-34337
    critical
  • CVE-2026-34338
    critical
  • CVE-2026-34339
    high
  • CVE-2026-34340
    high
  • CVE-2026-34341
    high
  • CVE-2026-34342
    high
  • CVE-2026-34343
    critical
  • CVE-2026-34344
    critical
  • CVE-2026-34345
    high
  • CVE-2026-34347
    high
  • CVE-2026-34350
    high
  • CVE-2026-34351
    critical
  • CVE-2026-35415
    critical
  • CVE-2026-35416
    high
  • CVE-2026-35417
    critical
  • CVE-2026-35418
    critical
  • CVE-2026-35419
    high
  • CVE-2026-35420
    critical
  • CVE-2026-35421
    critical
  • CVE-2026-35422
    high
  • CVE-2026-35423
    high
  • CVE-2026-35424
    critical
  • CVE-2026-35438
    critical
  • CVE-2026-40369
    critical
  • CVE-2026-40377
    critical
  • CVE-2026-40380
    high
  • CVE-2026-40382
    critical
  • CVE-2026-40397
    critical
  • CVE-2026-40398
    critical
  • CVE-2026-40399
    critical
  • CVE-2026-40401
    high
  • CVE-2026-40402
    critical
  • CVE-2026-40403
    critical
  • CVE-2026-40405
    critical
  • CVE-2026-40406
    critical
  • CVE-2026-40407
    critical
  • CVE-2026-40408
    critical
  • CVE-2026-40410
    high
  • CVE-2026-40413
    high
  • CVE-2026-40414
    high
  • CVE-2026-40415
    critical
  • CVE-2026-41088
    critical
  • CVE-2026-41089
    critical
  • CVE-2026-41095
    critical
  • CVE-2026-41096
    critical
  • CVE-2026-41097
    high
  • CVE-2026-42825
    high
  • CVE-2026-42896
    critical
  • CVE-2025-54518
    unknown

KB Liste

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com

Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!
Kaspersky Next
Let´s go Next: Cybersicherheit neu gedacht
Erfahren Sie mehr
Neu: Kaspersky!
Dein digitales Leben verdient umfassenden Schutz!
Erfahren Sie mehr
Related articles
12 May 2026
Securelist
State of ransomware in 2026
08 May 2026
Securelist
CVE-2025-68670: discovering an RCE vulnerability in xrdp
07 May 2026
Securelist
Exploits and vulnerabilities in Q1 2026
06 May 2026
Securelist
OceanLotus suspected of using PyPI to deliver ZiChatBot malware
06 May 2026
Securelist
Websites with an undefined trust level: avoiding the trap
04 May 2026
Securelist
“Legitimate” phishing: how attackers weaponize Amazon SES to bypass email security
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden?
Falls Sie eine neue Bedrohung oder Schwachstelle gefunden haben, können Sie uns dies gerne per Mail mitteilen.
newvirus@kaspersky.com
Sie haben eine neue Bedrohung oder Schwachstelle gefunden?
Falls Sie eine neue Bedrohung oder Schwachstelle gefunden haben, können Sie uns dies gerne per Mail mitteilen.
newvirus@kaspersky.com
Lösungen für
Privatanwender
Unternehmen
Unternehmen
Unternehmen
Select language
Severity level
Critical
High
Warning
Sorting
Kaspersky ID
Schwachstellen
Detect date
Schweregrad
You must select at least one severity level
Do you want to save your changes?
Your message has been sent successfully.