November Top Security Vulnerabilities (CVE Report)
Top CVEs report for the month of November 2025
November Top Vulnerabilities Overview
In November, multiple critical and high severity vulnerabilities were disclosed, including remote code execution flaws in widely used services, authentication bypass weaknesses, privilege escalation in operating systems, and SQL injection in web applications. These vulnerabilities pose a significant risk of full system compromise, unauthorized access, or data breach if they are not promptly patched.
| Name | CVE ID | Criticality | CVSS Score | Description | Reference Link |
|---|---|---|---|---|---|
| Nuance PowerScribe 360 Information Disclosure Vulnerability | CVE-2025-30398 | High | 8.1 | Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network. | https://www.cve.org/CVERecord?id=CVE-2025-30398 |
| Configuration Manager Elevation of Privilege Vulnerability | CVE-2025-47179 | Medium | 6.7 | Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-47179 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2025-59240 | Medium | 5.5 | Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-59240 |
| Microsoft SQL Server Elevation of Privilege Vulnerability | CVE-2025-59499 | High | 8.8 | Improper neutralization of special elements used in an SQL command ('SQL injection') in SQL Server allows an authorized attacker to elevate privileges over a network. | https://www.cve.org/CVERecord?id=CVE-2025-59499 |
| Azure Monitor Agent Remote Code Execution Vulnerability | CVE-2025-59504 | High | 7.3 | Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-59504 |
| Windows Smart Card Reader Elevation of Privilege Vulnerability | CVE-2025-59505 | High | 7.8 | Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59505 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | CVE-2025-59506 | High | 7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59506 |
| Windows Speech Runtime Elevation of Privilege Vulnerability | CVE-2025-59507 | High | 7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59507 |
| Windows Speech Recognition Elevation of Privilege Vulnerability | CVE-2025-59508 | High | 7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59508 |
| Windows Speech Recognition Information Disclosure Vulnerability | CVE-2025-59509 | Medium | 5.5 | Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-59509 |
| Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability | CVE-2025-59510 | Medium | 5.5 | Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally. | https://www.cve.org/CVERecord?id=CVE-2025-59510 |
| Windows WLAN Service Elevation of Privilege Vulnerability | CVE-2025-59511 | High | 7.8 | External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59511 |
| Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability | CVE-2025-59512 | High | 7.8 | Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59512 |
| Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability | CVE-2025-59513 | Medium | 5.5 | Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-59513 |
| Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | CVE-2025-59514 | High | 7.8 | Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59514 |
| Windows Broadcast DVR User Service Elevation of Privilege Vulnerability | CVE-2025-59515 | High | 7 | Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59515 |
| Windows Remote Desktop Services Elevation of Privilege Vulnerability | CVE-2025-60703 | High | 7.8 | Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60703 |
| Windows Kerberos Elevation of Privilege Vulnerability | CVE-2025-60704 | High | 7.5 | Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network. | https://www.cve.org/CVERecord?id=CVE-2025-60704 |
| Windows Client-Side Caching Elevation of Privilege Vulnerability | CVE-2025-60705 | High | 7.8 | Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60705 |
| Windows Hyper-V Information Disclosure Vulnerability | CVE-2025-60706 | Medium | 5.5 | Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-60706 |
| Storvsp.sys Driver Denial of Service Vulnerability | CVE-2025-60708 | Medium | 6.5 | Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally. | https://www.cve.org/CVERecord?id=CVE-2025-60708 |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2025-60709 | High | 7.8 | Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60709 |
| Host Process for Windows Tasks Elevation of Privilege Vulnerability | CVE-2025-60710 | High | 7.8 | Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60710 |
| Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability | CVE-2025-60713 | High | 7.8 | Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60713 |
| Windows OLE Remote Code Execution Vulnerability | CVE-2025-60714 | High | 7.8 | Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-60714 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-60715 | High | 8 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-60715 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | CVE-2025-60716 | High | 7 | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60716 |
| Windows Broadcast DVR User Service Elevation of Privilege Vulnerability | CVE-2025-60717 | High | 7 | Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60717 |
| Windows Administrator Protection Elevation of Privilege Vulnerability | CVE-2025-60718 | High | 7.8 | Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60718 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-60719 | High | 7 | Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60719 |
| Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability | CVE-2025-60720 | High | 7.8 | Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60720 |
| Windows Administrator Protection Elevation of Privilege Vulnerability | CVE-2025-60721 | High | 7.8 | Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-60721 |
| Microsoft OneDrive for Android Elevation of Privilege Vulnerability | CVE-2025-60722 | Medium | 6.5 | Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network. | https://www.cve.org/CVERecord?id=CVE-2025-60722 |
| DirectX Graphics Kernel Denial of Service Vulnerability | CVE-2025-60723 | Medium | 6.3 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny service over a network. | https://www.cve.org/CVERecord?id=CVE-2025-60723 |
| GDI+ Remote Code Execution Vulnerability | CVE-2025-60724 | Critical | 9.8 | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-60724 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2025-60726 | High | 7.1 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-60726 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-60727 | High | 7.8 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-60727 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2025-60728 | Medium | 4.3 | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. | https://www.cve.org/CVERecord?id=CVE-2025-60728 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-62199 | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-62199 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62200 | High | 7.8 | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-62200 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62201 | High | 7.8 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-62201 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2025-62202 | High | 7.1 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-62202 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-62203 | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-62203 |
| Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2025-62204 | High | 8 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-62204 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-62205 | High | 7.8 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-62205 |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | CVE-2025-62206 | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. | https://www.cve.org/CVERecord?id=CVE-2025-62206 |
| Windows License Manager Information Disclosure Vulnerability | CVE-2025-62208 | Medium | 6.5 | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-62208 |
| Windows License Manager Information Disclosure Vulnerability | CVE-2025-62209 | Medium | 5.5 | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-62209 |
| Dynamics 365 Field Service (online) Spoofing Vulnerability | CVE-2025-62210 | High | 8.7 | Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. | https://www.cve.org/CVERecord?id=CVE-2025-62210 |
| Dynamics 365 Field Service (online) Spoofing Vulnerability | CVE-2025-62211 | High | 8.7 | Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. | https://www.cve.org/CVERecord?id=CVE-2025-62211 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-62213 | High | 7 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-62213 |
| Visual Studio Remote Code Execution Vulnerability | CVE-2025-62214 | Medium | 6.7 | Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-62214 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2025-62215 | High | 7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-62215 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-62216 | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-62216 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-62217 | High | 7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-62217 |
| Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability | CVE-2025-62218 | High | 7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-62218 |
| Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability | CVE-2025-62219 | High | 7 | Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-62219 |
| Windows Subsystem for Linux GUI Remote Code Execution Vulnerability | CVE-2025-62220 | High | 8.8 | Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-62220 |
| Agentic AI and Visual Studio Code Remote Code Execution Vulnerability | CVE-2025-62222 | High | 8.8 | Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-62222 |
| Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability | CVE-2025-62449 | Medium | 6.8 | Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally. | https://www.cve.org/CVERecord?id=CVE-2025-62449 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-62452 | High | 8 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-62452 |
| GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability | CVE-2025-62453 | Medium | 5 | Improper validation of generative AI output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally. | https://www.cve.org/CVERecord?id=CVE-2025-62453 |