CVE-2025-21376: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2025-21375: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

CVE-2025-21369: Microsoft Digest Authentication Remote Code Execution Vulnerability

CVE-2025-21383: Microsoft Excel Information Disclosure Vulnerability

CVE-2025-21379: DHCP Client Service Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?**

This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.

Headline

CVE-2025-21400: Microsoft SharePoint Server Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News