TheWindowsUpdate.com

External control of file name or path in Confidential Azure Container Instances allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59291 Confidential Azure Container Instances Elevation of Privilege Vulnerability→

Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally. Continue reading CVE-2025-59197 Windows ETL Channel Information Disclosure Vulnerability→

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59290 Windows Bluetooth Service Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Management Services allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59193 Windows Management Services Elevation of Privilege Vulnerability→

Improper verification of cryptographic signature in GitHub allows an unauthorized attacker to perform spoofing over an adjacent network. Continue reading CVE-2025-59288 Playwright Spoofing Vulnerability→

Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59191 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability→

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally. Continue reading CVE-2025-59284 Windows NTLM Spoofing Vulnerability→

Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. Continue reading CVE-2025-59189 Microsoft Brokering File System Elevation of Privilege Vulnerability→