cvelistv5 - cve-2025-29970

CVE-2025-29970 (GCVE-0-2025-29970)

Vulnerability from cvelistv5

Published

2025-05-13 16:58

Modified

2025-07-15 01:11

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE

CWE-416 - Use After Free

Summary

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

References

►

URL

wid-sec-w-2025-1050

Vulnerability from csaf_certbund

Published

2025-05-13 22:00

Modified

2025-06-22 22:00

Summary

Microsoft Windows Server: Mehrere Schwachstellen ermöglichen Privilegieneskalation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Windows ist ein Betriebssystem von Microsoft. Windows Server 2016 ist ein Betriebssystem von Microsoft. Windows Server 2019 ist ein Betriebssystem von Microsoft.

Angriff

Ein entfernter, anonymer Angreifer, oder lokaler Angreifer, oder ein Angreifer aus einem angrenzenden Netzwerk kann mehrere Schwachstellen in Microsoft Windows Server, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows, Microsoft Windows Server 2022 und Microsoft Windows 11 ausnutzen, um einen Denial-of-Service auszulösen, Informationen offenzulegen, beliebigen Programmcode auszuführen oder seine Privilegien zu erweitern.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Windows ist ein Betriebssystem von Microsoft.\r\nWindows Server 2016 ist ein Betriebssystem von Microsoft.\r\nWindows Server 2019 ist ein Betriebssystem von Microsoft.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer, oder lokaler Angreifer, oder ein Angreifer aus einem angrenzenden Netzwerk kann mehrere Schwachstellen in Microsoft Windows Server, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows, Microsoft Windows Server 2022 und Microsoft Windows 11 ausnutzen, um einen Denial-of-Service auszul\u00f6sen, Informationen offenzulegen, beliebigen Programmcode auszuf\u00fchren oder seine Privilegien zu erweitern.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1050 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1050.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1050 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1050"
      },
      {
        "category": "external",
        "summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
        "url": "https://msrc.microsoft.com/update-guide/"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-306 vom 2025-06-23",
        "url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2025/05.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Microsoft Windows Server: Mehrere Schwachstellen erm\u00f6glichen Privilegieneskalation",
    "tracking": {
      "current_release_date": "2025-06-22T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-23T07:15:40.188+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-1050",
      "initial_release_date": "2025-05-13T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-05-13T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-06-22T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von HITACHI aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Hitachi Storage",
            "product": {
              "name": "Hitachi Storage",
              "product_id": "T009295",
              "product_identification_helper": {
                "cpe": "cpe:/h:hitachi:storage:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Hitachi"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "HLK Version 1809",
                "product": {
                  "name": "Microsoft Windows HLK Version 1809",
                  "product_id": "T021063",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows:update_assistant"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Remote Desktop client for Desktop",
                "product": {
                  "name": "Microsoft Windows Remote Desktop client for Desktop",
                  "product_id": "T042605",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows:remote_desktop_client_for_desktop"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "App Client for Desktop",
                "product": {
                  "name": "Microsoft Windows App Client for Desktop",
                  "product_id": "T042613",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows:app_client_for_desktop"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Microsoft Windows 10",
                "product": {
                  "name": "Microsoft Windows 10",
                  "product_id": "T042599",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Version 1607",
                "product": {
                  "name": "Microsoft Windows 10 Version 1607",
                  "product_id": "T042601",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:version_1607"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Version 1809",
                "product": {
                  "name": "Microsoft Windows 10 Version 1809",
                  "product_id": "T042602",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:version_1809"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Version 21H2",
                "product": {
                  "name": "Microsoft Windows 10 Version 21H2",
                  "product_id": "T042606",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:version_21h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Version 22H2",
                "product": {
                  "name": "Microsoft Windows 10 Version 22H2",
                  "product_id": "T042608",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:version_22h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "HLK Version 22H2",
                "product": {
                  "name": "Microsoft Windows 10 HLK Version 22H2",
                  "product_id": "T043733",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:hlk_version_22h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "HLK version 21H2",
                "product": {
                  "name": "Microsoft Windows 10 HLK version 21H2",
                  "product_id": "T043734",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:hlk_version_21h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "HLK version 21H1",
                "product": {
                  "name": "Microsoft Windows 10 HLK version 21H1",
                  "product_id": "T043735",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:hlk_version_21h1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "HLK version 20H2",
                "product": {
                  "name": "Microsoft Windows 10 HLK version 20H2",
                  "product_id": "T043736",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:hlk_version_20h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Windows HLK for version 2004",
                "product": {
                  "name": "Microsoft Windows 10 Windows HLK for version 2004",
                  "product_id": "T043737",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_10:windows_hlk_for_version_2004"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows 10"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "HLK 22H2",
                "product": {
                  "name": "Microsoft Windows 11 HLK 22H2",
                  "product_id": "T025567",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_11:windows_terminal"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Version 22H2",
                "product": {
                  "name": "Microsoft Windows 11 Version 22H2",
                  "product_id": "T042607",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_11:version_22h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Version 23H2",
                "product": {
                  "name": "Microsoft Windows 11 Version 23H2",
                  "product_id": "T042609",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_11:version_23h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Version 24H2",
                "product": {
                  "name": "Microsoft Windows 11 Version 24H2",
                  "product_id": "T042611",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_11:version_24h2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "HLK 24H2",
                "product": {
                  "name": "Microsoft Windows 11 HLK 24H2",
                  "product_id": "T043738",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_11:hlk_24h2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows 11"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Windows HLK for 2025",
                "product": {
                  "name": "Microsoft Windows Server Windows HLK for 2025",
                  "product_id": "T019781",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server:version_2004"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2008 SP2",
                "product": {
                  "name": "Microsoft Windows Server 2008 SP2",
                  "product_id": "T042596",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server:2008_sp2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2025",
                "product": {
                  "name": "Microsoft Windows Server 2025",
                  "product_id": "T042612",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server:2025"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2008 R2 SP1",
                "product": {
                  "name": "Microsoft Windows Server 2008 R2 SP1",
                  "product_id": "T043719",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server:2008_r2_sp1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server"
          },
          {
            "category": "product_name",
            "name": "Microsoft Windows Server 2012",
            "product": {
              "name": "Microsoft Windows Server 2012",
              "product_id": "T043730",
              "product_identification_helper": {
                "cpe": "cpe:/o:microsoft:windows_server_2012:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Microsoft Windows Server 2012 R2",
            "product": {
              "name": "Microsoft Windows Server 2012 R2",
              "product_id": "T043731",
              "product_identification_helper": {
                "cpe": "cpe:/o:microsoft:windows_server_2012_r2:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Microsoft Windows Server 2016",
            "product": {
              "name": "Microsoft Windows Server 2016",
              "product_id": "T042600",
              "product_identification_helper": {
                "cpe": "cpe:/o:microsoft:windows_server_2016:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Windows HLK for Windows Server 2019",
                "product": {
                  "name": "Microsoft Windows Server 2019 Windows HLK for Windows Server 2019",
                  "product_id": "T014557",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2019:server_core_installation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Microsoft Windows Server 2019",
                "product": {
                  "name": "Microsoft Windows Server 2019",
                  "product_id": "T042603",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2019:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2019"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Microsoft Windows Server 2022",
                "product": {
                  "name": "Microsoft Windows Server 2022",
                  "product_id": "T041082",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2022:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23H2 Edition",
                "product": {
                  "name": "Microsoft Windows Server 2022 23H2 Edition",
                  "product_id": "T042610",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:microsoft:windows_server_2022:23h2_edition"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2022"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-24063",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-24063"
    },
    {
      "cve": "CVE-2025-26677",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-26677"
    },
    {
      "cve": "CVE-2025-27468",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-27468"
    },
    {
      "cve": "CVE-2025-27488",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-27488"
    },
    {
      "cve": "CVE-2025-29829",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29829"
    },
    {
      "cve": "CVE-2025-29830",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29830"
    },
    {
      "cve": "CVE-2025-29831",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29831"
    },
    {
      "cve": "CVE-2025-29832",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29832"
    },
    {
      "cve": "CVE-2025-29833",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29833"
    },
    {
      "cve": "CVE-2025-29835",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29835"
    },
    {
      "cve": "CVE-2025-29836",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29836"
    },
    {
      "cve": "CVE-2025-29837",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29837"
    },
    {
      "cve": "CVE-2025-29838",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29838"
    },
    {
      "cve": "CVE-2025-29839",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29839"
    },
    {
      "cve": "CVE-2025-29840",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29840"
    },
    {
      "cve": "CVE-2025-29841",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29841"
    },
    {
      "cve": "CVE-2025-29842",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29842"
    },
    {
      "cve": "CVE-2025-29954",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29954"
    },
    {
      "cve": "CVE-2025-29955",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29955"
    },
    {
      "cve": "CVE-2025-29956",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29956"
    },
    {
      "cve": "CVE-2025-29957",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29957"
    },
    {
      "cve": "CVE-2025-29958",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29958"
    },
    {
      "cve": "CVE-2025-29959",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29959"
    },
    {
      "cve": "CVE-2025-29960",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29960"
    },
    {
      "cve": "CVE-2025-29961",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29961"
    },
    {
      "cve": "CVE-2025-29962",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29962"
    },
    {
      "cve": "CVE-2025-29963",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29963"
    },
    {
      "cve": "CVE-2025-29964",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29964"
    },
    {
      "cve": "CVE-2025-29966",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29966"
    },
    {
      "cve": "CVE-2025-29967",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29967"
    },
    {
      "cve": "CVE-2025-29968",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29968"
    },
    {
      "cve": "CVE-2025-29969",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29969"
    },
    {
      "cve": "CVE-2025-29970",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29970"
    },
    {
      "cve": "CVE-2025-29971",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29971"
    },
    {
      "cve": "CVE-2025-29974",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-29974"
    },
    {
      "cve": "CVE-2025-30385",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-30385"
    },
    {
      "cve": "CVE-2025-30388",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-30388"
    },
    {
      "cve": "CVE-2025-30394",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-30394"
    },
    {
      "cve": "CVE-2025-30397",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-30397"
    },
    {
      "cve": "CVE-2025-30400",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-30400"
    },
    {
      "cve": "CVE-2025-32701",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-32701"
    },
    {
      "cve": "CVE-2025-32706",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-32706"
    },
    {
      "cve": "CVE-2025-32707",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-32707"
    },
    {
      "cve": "CVE-2025-32709",
      "product_status": {
        "known_affected": [
          "T014557",
          "T043737",
          "T042605",
          "T043738",
          "T042606",
          "T042607",
          "T042608",
          "T043719",
          "T042609",
          "T042596",
          "T042599",
          "T042610",
          "T042611",
          "T042612",
          "T041082",
          "T042613",
          "T019781",
          "T043730",
          "T043731",
          "T042600",
          "T043733",
          "T042601",
          "T043734",
          "T042602",
          "T043735",
          "T042603",
          "T043736",
          "T021063",
          "T009295",
          "T025567"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-32709"
    }
  ]
}

ncsc-2025-0159

Vulnerability from csaf_ncscnl

Published

2025-05-13 19:47

Modified

2025-05-13 19:47

Summary

Kwetsbaarheden verholpen in Microsoft Windows

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Microsoft heeft kwetsbaarheden verholpen in Windows.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Omzeilen van een beveiligingsmaatregel - Uitvoer van willekeurige code (root/adminrechten) - Uitvoer van willekeurige code (gebruikersrechten) - Toegang tot systeemgegevens - Toegang tot gevoelige gegevens - Verkrijgen van verhoogde rechten ``` Windows Trusted Runtime Interface Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29829 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows File Server: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29839 | 4.00 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Remote Desktop: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29966 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Active Directory Certificate Services (AD CS): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29968 | 6.50 | Denial-of-Service | |----------------|------|-------------------------------------| Windows Ancillary Function Driver for WinSock: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-32709 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Drivers: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29838 | 7.40 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Kernel: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29974 | 5.70 | Toegang tot gevoelige gegevens | | CVE-2025-24063 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows DWM: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-30400 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Microsoft Brokering File System: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29970 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Installer: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29837 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Microsoft Scripting Engine: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-30397 | 7.50 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows Hardware Lab Kit: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-27488 | 6.70 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Routing and Remote Access Service (RRAS): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29959 | 6.50 | Toegang tot gevoelige gegevens | | CVE-2025-29960 | 6.50 | Toegang tot gevoelige gegevens | | CVE-2025-29830 | 6.50 | Toegang tot gevoelige gegevens | | CVE-2025-29832 | 6.50 | Toegang tot gevoelige gegevens | | CVE-2025-29835 | 6.50 | Toegang tot gevoelige gegevens | | CVE-2025-29836 | 6.50 | Toegang tot gevoelige gegevens | | CVE-2025-29958 | 6.50 | Toegang tot gevoelige gegevens | | CVE-2025-29961 | 6.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Win32K - GRFX: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-30388 | 7.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Role: Windows Hyper-V: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29955 | 6.20 | Denial-of-Service | |----------------|------|-------------------------------------| Web Threat Defense (WTD.sys): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29971 | 7.50 | Denial-of-Service | |----------------|------|-------------------------------------| Windows NTFS: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-32707 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Remote Desktop Gateway Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29967 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-30394 | 5.90 | Denial-of-Service | | CVE-2025-26677 | 7.50 | Denial-of-Service | | CVE-2025-29831 | 7.50 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Universal Print Management Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29841 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Media: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29964 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-29840 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-29962 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-29963 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows Virtual Machine Bus: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29833 | 7.10 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows SMB: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29956 | 5.40 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows Common Log File System Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-32701 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-32706 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-30385 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Secure Kernel Mode: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-27468 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Fundamentals: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29969 | 7.50 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Windows LDAP - Lightweight Directory Access Protocol: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29954 | 5.90 | Denial-of-Service | |----------------|------|-------------------------------------| Windows Deployment Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29957 | 6.20 | Denial-of-Service | |----------------|------|-------------------------------------| UrlMon: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-29842 | 7.50 | Omzeilen van beveiligingsmaatregel | |----------------|------|-------------------------------------| ```

Oplossingen

Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op: https://portal.msrc.microsoft.com/en-us/security-guidance

Kans

medium

Schade

high

CWE-591

Sensitive Data Storage in Improperly Locked Memory

CWE-59

Improper Link Resolution Before File Access ('Link Following')

CWE-191

Integer Underflow (Wrap or Wraparound)

CWE-126

Buffer Over-read

CWE-349

Acceptance of Extraneous Untrusted Data With Trusted Data

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-908

Use of Uninitialized Resource

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CWE-798

Use of Hard-coded Credentials

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-125

Out-of-bounds Read

CWE-416

Use After Free

CWE-476

NULL Pointer Dereference

CWE-400

Uncontrolled Resource Consumption

CWE-122

Heap-based Buffer Overflow

CWE-121

Stack-based Buffer Overflow

CWE-269

Improper Privilege Management

CWE-20

Improper Input Validation

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Microsoft heeft kwetsbaarheden verholpen in Windows.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Omzeilen van een beveiligingsmaatregel\n- Uitvoer van willekeurige code (root/adminrechten)\n- Uitvoer van willekeurige code (gebruikersrechten)\n- Toegang tot systeemgegevens\n- Toegang tot gevoelige gegevens\n- Verkrijgen van verhoogde rechten\n\n```\nWindows Trusted Runtime Interface Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29829 | 5.50 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nWindows File Server: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29839 | 4.00 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29966 | 8.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nActive Directory Certificate Services (AD CS): \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29968 | 6.50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nWindows Ancillary Function Driver for WinSock: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-32709 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29838 | 7.40 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29974 | 5.70 | Toegang tot gevoelige gegevens      | \n| CVE-2025-24063 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows DWM: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-30400 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nMicrosoft Brokering File System: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29970 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Installer: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29837 | 5.50 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nMicrosoft Scripting Engine: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-30397 | 7.50 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows Hardware Lab Kit: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-27488 | 6.70 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Routing and Remote Access Service (RRAS): \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29959 | 6.50 | Toegang tot gevoelige gegevens      | \n| CVE-2025-29960 | 6.50 | Toegang tot gevoelige gegevens      | \n| CVE-2025-29830 | 6.50 | Toegang tot gevoelige gegevens      | \n| CVE-2025-29832 | 6.50 | Toegang tot gevoelige gegevens      | \n| CVE-2025-29835 | 6.50 | Toegang tot gevoelige gegevens      | \n| CVE-2025-29836 | 6.50 | Toegang tot gevoelige gegevens      | \n| CVE-2025-29958 | 6.50 | Toegang tot gevoelige gegevens      | \n| CVE-2025-29961 | 6.50 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-30388 | 7.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nRole: Windows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29955 | 6.20 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nWeb Threat Defense (WTD.sys): \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29971 | 7.50 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nWindows NTFS: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-32707 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nRemote Desktop Gateway Service: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29967 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2025-30394 | 5.90 | Denial-of-Service                   | \n| CVE-2025-26677 | 7.50 | Denial-of-Service                   | \n| CVE-2025-29831 | 7.50 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nUniversal Print Management Service: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29841 | 7.00 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Media: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29964 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2025-29840 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2025-29962 | 8.80 | Uitvoeren van willekeurige code     | \n| CVE-2025-29963 | 8.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows Virtual Machine Bus: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29833 | 7.10 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows SMB: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29956 | 5.40 | Toegang tot gevoelige gegevens      | \n|----------------|------|-------------------------------------|\n\nWindows Common Log File System Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-32701 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2025-32706 | 7.80 | Verkrijgen van verhoogde rechten    | \n| CVE-2025-30385 | 7.80 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Secure Kernel Mode: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-27468 | 7.00 | Verkrijgen van verhoogde rechten    | \n|----------------|------|-------------------------------------|\n\nWindows Fundamentals: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29969 | 7.50 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nWindows LDAP - Lightweight Directory Access Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29954 | 5.90 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nWindows Deployment Services: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29957 | 6.20 | Denial-of-Service                   | \n|----------------|------|-------------------------------------|\n\nUrlMon: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2025-29842 | 7.50 | Omzeilen van beveiligingsmaatregel  | \n|----------------|------|-------------------------------------|\n```",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Sensitive Data Storage in Improperly Locked Memory",
        "title": "CWE-591"
      },
      {
        "category": "general",
        "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
        "title": "CWE-59"
      },
      {
        "category": "general",
        "text": "Integer Underflow (Wrap or Wraparound)",
        "title": "CWE-191"
      },
      {
        "category": "general",
        "text": "Buffer Over-read",
        "title": "CWE-126"
      },
      {
        "category": "general",
        "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
        "title": "CWE-349"
      },
      {
        "category": "general",
        "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
        "title": "CWE-367"
      },
      {
        "category": "general",
        "text": "Use of Uninitialized Resource",
        "title": "CWE-908"
      },
      {
        "category": "general",
        "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
        "title": "CWE-843"
      },
      {
        "category": "general",
        "text": "Use of Hard-coded Credentials",
        "title": "CWE-798"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "title": "Kwetsbaarheden verholpen in Microsoft Windows",
    "tracking": {
      "current_release_date": "2025-05-13T19:47:12.555983Z",
      "generator": {
        "date": "2025-02-25T15:15:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.0"
        }
      },
      "id": "NCSC-2025-0159",
      "initial_release_date": "2025-05-13T19:47:12.555983Z",
      "revision_history": [
        {
          "date": "2025-05-13T19:47:12.555983Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.19045.5854",
                    "product": {
                      "name": "vers:microsoft/10.0.19045.5854",
                      "product_id": "CSAFPID-2835605",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.5854:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 22H2 for x64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.22621.5335",
                    "product": {
                      "name": "vers:microsoft/10.0.22621.5335",
                      "product_id": "CSAFPID-2835604",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.5335:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 11 Version 22H2 for x64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.22621.5335",
                    "product": {
                      "name": "vers:microsoft/10.0.22621.5335",
                      "product_id": "CSAFPID-2835603",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.5335:*:*:*:*:*:arm64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 11 Version 22H2 for ARM64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.19044.5854",
                    "product": {
                      "name": "vers:microsoft/10.0.19044.5854",
                      "product_id": "CSAFPID-2835602",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.5854:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 21H2 for x64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.19044.5854",
                    "product": {
                      "name": "vers:microsoft/10.0.19044.5854",
                      "product_id": "CSAFPID-2835601",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.5854:*:*:*:*:*:arm64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 21H2 for ARM64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.19044.5854",
                    "product": {
                      "name": "vers:microsoft/10.0.19044.5854",
                      "product_id": "CSAFPID-2835600",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.5854:*:*:*:*:*:x86:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 21H2 for 32-bit Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.20348.3692",
                    "product": {
                      "name": "vers:microsoft/10.0.20348.3692",
                      "product_id": "CSAFPID-2835599",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.3692:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2022 (Server Core installation)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.17763.7314",
                    "product": {
                      "name": "vers:microsoft/10.0.17763.7314",
                      "product_id": "CSAFPID-2835596",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.7314:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2019"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.17763.7314",
                    "product": {
                      "name": "vers:microsoft/10.0.17763.7314",
                      "product_id": "CSAFPID-2835597",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.7314:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2019 (Server Core installation)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.14393.8066",
                    "product": {
                      "name": "vers:microsoft/10.0.14393.8066",
                      "product_id": "CSAFPID-2835620",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.8066:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2016 (Server Core installation)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.14393.8066",
                    "product": {
                      "name": "vers:microsoft/10.0.14393.8066",
                      "product_id": "CSAFPID-2835618",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.8066:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 1607 for x64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.14393.8066",
                    "product": {
                      "name": "vers:microsoft/10.0.14393.8066",
                      "product_id": "CSAFPID-2835617",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.8066:*:*:*:*:*:x86:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 1607 for 32-bit Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.10240.21014",
                    "product": {
                      "name": "vers:microsoft/10.0.10240.21014",
                      "product_id": "CSAFPID-2835616",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.21014:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 for x64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.10240.21014",
                    "product": {
                      "name": "vers:microsoft/10.0.10240.21014",
                      "product_id": "CSAFPID-2835615",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.21014:*:*:*:*:*:x86:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 for 32-bit Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/unknown",
                    "product": {
                      "name": "vers:microsoft/unknown",
                      "product_id": "CSAFPID-2835634",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_hlk_2025:*:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows HLK for Windows Server 2025"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.26100.4061",
                    "product": {
                      "name": "vers:microsoft/10.0.26100.4061",
                      "product_id": "CSAFPID-2835613",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_11_24H2:10.0.26100.4061:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 11 Version 24H2 for x64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.26100.4061",
                    "product": {
                      "name": "vers:microsoft/10.0.26100.4061",
                      "product_id": "CSAFPID-2835612",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_11_24H2:10.0.26100.4061:*:*:*:*:*:arm64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 11 Version 24H2 for ARM64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.22631.5335",
                    "product": {
                      "name": "vers:microsoft/10.0.22631.5335",
                      "product_id": "CSAFPID-2835610",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.5335:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 11 Version 23H2 for x64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.22631.5335",
                    "product": {
                      "name": "vers:microsoft/10.0.22631.5335",
                      "product_id": "CSAFPID-2835609",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.5335:*:*:*:*:*:arm64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 11 Version 23H2 for ARM64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.19045.5854",
                    "product": {
                      "name": "vers:microsoft/10.0.19045.5854",
                      "product_id": "CSAFPID-2835607",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.5854:*:*:*:*:*:x86:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 22H2 for 32-bit Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.19045.5854",
                    "product": {
                      "name": "vers:microsoft/10.0.19045.5854",
                      "product_id": "CSAFPID-2835606",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.5854:*:*:*:*:*:arm64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 22H2 for ARM64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.17763.7314",
                    "product": {
                      "name": "vers:microsoft/10.0.17763.7314",
                      "product_id": "CSAFPID-2835595",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7314:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 1809 for x64-based Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.17763.7314",
                    "product": {
                      "name": "vers:microsoft/10.0.17763.7314",
                      "product_id": "CSAFPID-2835594",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7314:*:*:*:*:*:x86:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 Version 1809 for 32-bit Systems"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/unknown",
                    "product": {
                      "name": "vers:microsoft/unknown",
                      "product_id": "CSAFPID-2835644",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_hlk_2019:*:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows HLK for Windows Server 2019"
              }
            ],
            "category": "product_family",
            "name": "Windows"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.19044.5854 arm",
                    "product": {
                      "name": "vers:microsoft/10.0.19044.5854 arm",
                      "product_id": "CSAFPID-2835574"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows 10 21h2"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.14393.8066",
                    "product": {
                      "name": "vers:microsoft/10.0.14393.8066",
                      "product_id": "CSAFPID-2835563"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2016"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/10.0.26100.4061",
                    "product": {
                      "name": "vers:microsoft/10.0.26100.4061",
                      "product_id": "CSAFPID-2835557"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2025"
              }
            ],
            "category": "product_family",
            "name": "Microsoft"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/6.3.9600.0|\u003c6.3.9600.22577",
                "product": {
                  "name": "vers:unknown/6.3.9600.0|\u003c6.3.9600.22577",
                  "product_id": "CSAFPID-2835224"
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2012 R2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/6.3.9600.0|\u003c6.3.9600.22577",
                "product": {
                  "name": "vers:unknown/6.3.9600.0|\u003c6.3.9600.22577",
                  "product_id": "CSAFPID-2835225"
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2012 R2 (Server Core installation)"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/6.2.9200.25475",
                    "product": {
                      "name": "vers:microsoft/6.2.9200.25475",
                      "product_id": "CSAFPID-2835627",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25475:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2012"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/6.1.7601.27729",
                    "product": {
                      "name": "vers:microsoft/6.1.7601.27729",
                      "product_id": "CSAFPID-2835625",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.27729:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/6.1.7601.27729",
                    "product": {
                      "name": "vers:microsoft/6.1.7601.27729",
                      "product_id": "CSAFPID-2835626",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.27729:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/6.0.6003.23279",
                    "product": {
                      "name": "vers:microsoft/6.0.6003.23279",
                      "product_id": "CSAFPID-2835624",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.23279:*:*:*:*:*:x86:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/6.0.6003.23279",
                    "product": {
                      "name": "vers:microsoft/6.0.6003.23279",
                      "product_id": "CSAFPID-2835621",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.23279:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2008 for 32-bit Systems Service Pack 2"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:microsoft/6.0.6003.23279",
                    "product": {
                      "name": "vers:microsoft/6.0.6003.23279",
                      "product_id": "CSAFPID-2835622",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.23279:*:*:*:*:*:x64:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)"
              }
            ],
            "category": "product_family",
            "name": "ESU"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/10.0.25398.0|\u003c10.0.25398.1611",
                "product": {
                  "name": "vers:unknown/10.0.25398.0|\u003c10.0.25398.1611",
                  "product_id": "CSAFPID-2835218"
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/10.0.26100.0|\u003c10.0.26100.4061",
                "product": {
                  "name": "vers:unknown/10.0.26100.0|\u003c10.0.26100.4061",
                  "product_id": "CSAFPID-2835217"
                }
              }
            ],
            "category": "product_name",
            "name": "Windows Server 2025 (Server Core installation)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/1.0.0|\u003c16.97.25042725",
                "product": {
                  "name": "vers:unknown/1.0.0|\u003c16.97.25042725",
                  "product_id": "CSAFPID-2835429"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Office LTSC for Mac 2024"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/16.0.1|\u003c16.0.14326.22502",
                "product": {
                  "name": "vers:unknown/16.0.1|\u003c16.0.14326.22502",
                  "product_id": "CSAFPID-2835439"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Office for Universal"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/16.0.1|\u003c16.0.18827.20000",
                "product": {
                  "name": "vers:unknown/16.0.1|\u003c16.0.18827.20000",
                  "product_id": "CSAFPID-2835428"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Office for Android"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/16.0.1|\u003c16.97.25042725",
                "product": {
                  "name": "vers:unknown/16.0.1|\u003c16.97.25042725",
                  "product_id": "CSAFPID-2835427"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Office LTSC for Mac 2021"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1260618"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Windows Server 2022"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1322604"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Windows Server 2012 R2 (Server Core installation)"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-29959",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Uninitialized Resource",
          "title": "CWE-908"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29959",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29959.json"
        }
      ],
      "title": "CVE-2025-29959"
    },
    {
      "cve": "CVE-2025-29960",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29960",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29960.json"
        }
      ],
      "title": "CVE-2025-29960"
    },
    {
      "cve": "CVE-2025-29964",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29964",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29964.json"
        }
      ],
      "title": "CVE-2025-29964"
    },
    {
      "cve": "CVE-2025-29966",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29966",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29966.json"
        }
      ],
      "title": "CVE-2025-29966"
    },
    {
      "cve": "CVE-2025-29967",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29967",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29967.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29967"
    },
    {
      "cve": "CVE-2025-29969",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
          "title": "CWE-367"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29969",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29969.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29969"
    },
    {
      "cve": "CVE-2025-27468",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-27468",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27468.json"
        }
      ],
      "title": "CVE-2025-27468"
    },
    {
      "cve": "CVE-2025-30400",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30400",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30400.json"
        }
      ],
      "title": "CVE-2025-30400"
    },
    {
      "cve": "CVE-2025-32701",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32701",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-32701.json"
        }
      ],
      "title": "CVE-2025-32701"
    },
    {
      "cve": "CVE-2025-32706",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32706",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-32706.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-32706"
    },
    {
      "cve": "CVE-2025-32709",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32709",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-32709.json"
        }
      ],
      "title": "CVE-2025-32709"
    },
    {
      "cve": "CVE-2025-29829",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Uninitialized Resource",
          "title": "CWE-908"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29829",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29829.json"
        }
      ],
      "title": "CVE-2025-29829"
    },
    {
      "cve": "CVE-2025-29830",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Uninitialized Resource",
          "title": "CWE-908"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29830",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29830.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29830"
    },
    {
      "cve": "CVE-2025-29832",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29832",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29832.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29832"
    },
    {
      "cve": "CVE-2025-29833",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
          "title": "CWE-367"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29833",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29833.json"
        }
      ],
      "title": "CVE-2025-29833"
    },
    {
      "cve": "CVE-2025-29835",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29835",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29835.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29835"
    },
    {
      "cve": "CVE-2025-29836",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29836",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29836.json"
        }
      ],
      "title": "CVE-2025-29836"
    },
    {
      "cve": "CVE-2025-29837",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
          "title": "CWE-59"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29837",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29837.json"
        }
      ],
      "title": "CVE-2025-29837"
    },
    {
      "cve": "CVE-2025-29839",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29839",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29839.json"
        }
      ],
      "title": "CVE-2025-29839"
    },
    {
      "cve": "CVE-2025-29840",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29840",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29840.json"
        }
      ],
      "title": "CVE-2025-29840"
    },
    {
      "cve": "CVE-2025-29842",
      "cwe": {
        "id": "CWE-349",
        "name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
          "title": "CWE-349"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29842",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29842.json"
        }
      ],
      "title": "CVE-2025-29842"
    },
    {
      "cve": "CVE-2025-29954",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29954",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29954.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29954"
    },
    {
      "cve": "CVE-2025-29956",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29956",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29956.json"
        }
      ],
      "title": "CVE-2025-29956"
    },
    {
      "cve": "CVE-2025-29957",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29957",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29957.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29957"
    },
    {
      "cve": "CVE-2025-29958",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Uninitialized Resource",
          "title": "CWE-908"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29958",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29958.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29958"
    },
    {
      "cve": "CVE-2025-29961",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29961",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29961.json"
        }
      ],
      "title": "CVE-2025-29961"
    },
    {
      "cve": "CVE-2025-29962",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29962",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29962.json"
        }
      ],
      "title": "CVE-2025-29962"
    },
    {
      "cve": "CVE-2025-29963",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29963",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29963.json"
        }
      ],
      "title": "CVE-2025-29963"
    },
    {
      "cve": "CVE-2025-29974",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Integer Underflow (Wrap or Wraparound)",
          "title": "CWE-191"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29974",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29974.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29974"
    },
    {
      "cve": "CVE-2025-30385",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30385",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30385.json"
        }
      ],
      "title": "CVE-2025-30385"
    },
    {
      "cve": "CVE-2025-30388",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30388",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30388.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-30388"
    },
    {
      "cve": "CVE-2025-30397",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
          "title": "CWE-843"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30397",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30397.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-30397"
    },
    {
      "cve": "CVE-2025-32707",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-32707",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-32707.json"
        }
      ],
      "title": "CVE-2025-32707"
    },
    {
      "cve": "CVE-2025-24063",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24063",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24063.json"
        }
      ],
      "title": "CVE-2025-24063"
    },
    {
      "cve": "CVE-2025-29968",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29968",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29968.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29968"
    },
    {
      "cve": "CVE-2025-30394",
      "cwe": {
        "id": "CWE-591",
        "name": "Sensitive Data Storage in Improperly Locked Memory"
      },
      "notes": [
        {
          "category": "other",
          "text": "Sensitive Data Storage in Improperly Locked Memory",
          "title": "CWE-591"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30394",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30394.json"
        }
      ],
      "title": "CVE-2025-30394"
    },
    {
      "cve": "CVE-2025-26677",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-26677",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26677.json"
        }
      ],
      "title": "CVE-2025-26677"
    },
    {
      "cve": "CVE-2025-29831",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29831",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29831.json"
        }
      ],
      "title": "CVE-2025-29831"
    },
    {
      "cve": "CVE-2025-29841",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29841",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29841.json"
        }
      ],
      "title": "CVE-2025-29841"
    },
    {
      "cve": "CVE-2025-29971",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29971",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29971.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29971"
    },
    {
      "cve": "CVE-2025-29970",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29970",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29970.json"
        }
      ],
      "title": "CVE-2025-29970"
    },
    {
      "cve": "CVE-2025-29838",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29838",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29838.json"
        }
      ],
      "title": "CVE-2025-29838"
    },
    {
      "cve": "CVE-2025-29955",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29955",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29955.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2835605",
            "CSAFPID-2835604",
            "CSAFPID-2835603",
            "CSAFPID-2835574",
            "CSAFPID-2835602",
            "CSAFPID-2835601",
            "CSAFPID-2835600",
            "CSAFPID-2835599",
            "CSAFPID-1260618",
            "CSAFPID-2835596",
            "CSAFPID-2835597",
            "CSAFPID-1322604",
            "CSAFPID-2835224",
            "CSAFPID-2835225",
            "CSAFPID-2835627",
            "CSAFPID-2835625",
            "CSAFPID-2835626",
            "CSAFPID-2835624",
            "CSAFPID-2835621",
            "CSAFPID-2835622",
            "CSAFPID-2835620",
            "CSAFPID-2835563",
            "CSAFPID-2835618",
            "CSAFPID-2835617",
            "CSAFPID-2835616",
            "CSAFPID-2835615",
            "CSAFPID-2835634",
            "CSAFPID-2835613",
            "CSAFPID-2835612",
            "CSAFPID-2835218",
            "CSAFPID-2835610",
            "CSAFPID-2835609",
            "CSAFPID-2835217",
            "CSAFPID-2835607",
            "CSAFPID-2835606",
            "CSAFPID-2835595",
            "CSAFPID-2835594",
            "CSAFPID-2835557",
            "CSAFPID-2835429",
            "CSAFPID-2835439",
            "CSAFPID-2835428",
            "CSAFPID-2835427",
            "CSAFPID-2835644"
          ]
        }
      ],
      "title": "CVE-2025-29955"
    },
    {
      "cve": "CVE-2025-27488",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Hard-coded Credentials",
          "title": "CWE-798"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2835605",
          "CSAFPID-2835604",
          "CSAFPID-2835603",
          "CSAFPID-2835574",
          "CSAFPID-2835602",
          "CSAFPID-2835601",
          "CSAFPID-2835600",
          "CSAFPID-2835599",
          "CSAFPID-1260618",
          "CSAFPID-2835596",
          "CSAFPID-2835597",
          "CSAFPID-1322604",
          "CSAFPID-2835224",
          "CSAFPID-2835225",
          "CSAFPID-2835627",
          "CSAFPID-2835625",
          "CSAFPID-2835626",
          "CSAFPID-2835624",
          "CSAFPID-2835621",
          "CSAFPID-2835622",
          "CSAFPID-2835620",
          "CSAFPID-2835563",
          "CSAFPID-2835618",
          "CSAFPID-2835617",
          "CSAFPID-2835616",
          "CSAFPID-2835615",
          "CSAFPID-2835634",
          "CSAFPID-2835613",
          "CSAFPID-2835612",
          "CSAFPID-2835218",
          "CSAFPID-2835610",
          "CSAFPID-2835609",
          "CSAFPID-2835217",
          "CSAFPID-2835607",
          "CSAFPID-2835606",
          "CSAFPID-2835595",
          "CSAFPID-2835594",
          "CSAFPID-2835557",
          "CSAFPID-2835429",
          "CSAFPID-2835439",
          "CSAFPID-2835428",
          "CSAFPID-2835427",
          "CSAFPID-2835644"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-27488",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27488.json"
        }
      ],
      "title": "CVE-2025-27488"
    }
  ]
}

fkie_cve-2025-29970

Vulnerability from fkie_nvd

Published

2025-05-13 17:15

Modified

2025-05-19 14:20

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

References

▶	URL	Tags
	secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29970	Vendor Advisory

Impacted products

Vendor	Product	Version
microsoft	windows_11_24h2	*
microsoft	windows_11_24h2	*
microsoft	windows_server_2022_23h2	*
microsoft	windows_server_2025	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "4448191F-2152-4E7F-8D4A-4EE7ED6657D6",
              "versionEndExcluding": "10.0.26100.4061",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
              "matchCriteriaId": "7CE8E58A-59AA-4649-8C0F-0DB11A1D1936",
              "versionEndExcluding": "10.0.26100.4061",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B9B2720-3733-4C50-85F7-156D781D15B8",
              "versionEndExcluding": "10.0.25398.1611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAE51E4F-FCFF-4DC0-9B76-861EE20D54A4",
              "versionEndExcluding": "10.0.26100.4061",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally."
    },
    {
      "lang": "es",
      "value": "Use After Free en Microsoft Brokering File System permite que un atacante autorizado eleve privilegios localmente."
    }
  ],
  "id": "CVE-2025-29970",
  "lastModified": "2025-05-19T14:20:49.300",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "secure@microsoft.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-05-13T17:15:57.837",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29970"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "secure@microsoft.com",
      "type": "Primary"
    }
  ]
}

ghsa-8q24-v8v4-g622

Vulnerability from github

Published

2025-05-13 18:30

Modified

2025-05-13 18:30

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-29970"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-13T17:15:57Z",
    "severity": "HIGH"
  },
  "details": "Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.",
  "id": "GHSA-8q24-v8v4-g622",
  "modified": "2025-05-13T18:30:55Z",
  "published": "2025-05-13T18:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29970"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29970"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

msrc_cve-2025-29970

Vulnerability from csaf_microsoft

Published

2025-05-13 07:00

Modified

2025-05-13 07:00

Summary

Microsoft Brokering File System Elevation of Privilege Vulnerability

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action

Required. The vulnerability documented by this CVE requires customer action to resolve.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Microsoft Offensive Research \u0026amp; Security Engineering"
        ]
      },
      {
        "names": [
          "hazard"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      },
      {
        "category": "general",
        "text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
        "title": "Customer Action"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2025-29970 Microsoft Brokering File System Elevation of Privilege Vulnerability - HTML",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29970"
      },
      {
        "category": "self",
        "summary": "CVE-2025-29970 Microsoft Brokering File System Elevation of Privilege Vulnerability - CSAF",
        "url": "https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-29970.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Exploitability Index",
        "url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Microsoft Brokering File System Elevation of Privilege Vulnerability",
    "tracking": {
      "current_release_date": "2025-05-13T07:00:00.000Z",
      "generator": {
        "date": "2025-07-15T01:10:58.449Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2025-29970",
      "initial_release_date": "2025-05-13T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-05-13T07:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26100.4061",
            "product": {
              "name": "Windows Server 2025 (Server Core installation) \u003c10.0.26100.4061",
              "product_id": "1"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26100.4061",
            "product": {
              "name": "Windows Server 2025 (Server Core installation) 10.0.26100.4061",
              "product_id": "12437"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2025 (Server Core installation)"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.25398.1611",
            "product": {
              "name": "Windows Server 2022, 23H2 Edition (Server Core installation) \u003c10.0.25398.1611",
              "product_id": "5"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.25398.1611",
            "product": {
              "name": "Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.1611",
              "product_id": "12244"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26100.4061",
            "product": {
              "name": "Windows 11 Version 24H2 for ARM64-based Systems \u003c10.0.26100.4061",
              "product_id": "4"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26100.4061",
            "product": {
              "name": "Windows 11 Version 24H2 for ARM64-based Systems 10.0.26100.4061",
              "product_id": "12389"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 11 Version 24H2 for ARM64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26100.4061",
            "product": {
              "name": "Windows 11 Version 24H2 for x64-based Systems \u003c10.0.26100.4061",
              "product_id": "3"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26100.4061",
            "product": {
              "name": "Windows 11 Version 24H2 for x64-based Systems 10.0.26100.4061",
              "product_id": "12390"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows 11 Version 24H2 for x64-based Systems"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c10.0.26100.4061",
            "product": {
              "name": "Windows Server 2025 \u003c10.0.26100.4061",
              "product_id": "2"
            }
          },
          {
            "category": "product_version",
            "name": "10.0.26100.4061",
            "product": {
              "name": "Windows Server 2025 10.0.26100.4061",
              "product_id": "12436"
            }
          }
        ],
        "category": "product_name",
        "name": "Windows Server 2025"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-29970",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "general",
          "text": "Microsoft",
          "title": "Assigning CNA"
        },
        {
          "category": "faq",
          "text": "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.",
          "title": "What privileges could be gained by an attacker who successfully exploited this vulnerability?"
        }
      ],
      "product_status": {
        "fixed": [
          "12244",
          "12389",
          "12390",
          "12436",
          "12437"
        ],
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-29970 Microsoft Brokering File System Elevation of Privilege Vulnerability - HTML",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29970"
        },
        {
          "category": "self",
          "summary": "CVE-2025-29970 Microsoft Brokering File System Elevation of Privilege Vulnerability - CSAF",
          "url": "https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-29970.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-13T07:00:00.000Z",
          "details": "10.0.26100.4061:Security Update:https://support.microsoft.com/help/5058411",
          "product_ids": [
            "1",
            "4",
            "3",
            "2"
          ],
          "url": "https://support.microsoft.com/help/5058411"
        },
        {
          "category": "vendor_fix",
          "date": "2025-05-13T07:00:00.000Z",
          "details": "10.0.26100.3981:SecurityHotpatchUpdate:https://support.microsoft.com/help/5058497",
          "product_ids": [
            "1",
            "4",
            "3",
            "2"
          ],
          "url": "https://support.microsoft.com/help/5058497"
        },
        {
          "category": "vendor_fix",
          "date": "2025-05-13T07:00:00.000Z",
          "details": "10.0.25398.1611:Security Update:https://support.microsoft.com/help/5058384",
          "product_ids": [
            "5"
          ],
          "url": "https://support.microsoft.com/help/5058384"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Elevation of Privilege"
        },
        {
          "category": "exploit_status",
          "details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely"
        }
      ],
      "title": "Microsoft Brokering File System Elevation of Privilege Vulnerability"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-29970 (GCVE-0-2025-29970)

Vulnerability from cvelistv5

wid-sec-w-2025-1050

Vulnerability from csaf_certbund

ncsc-2025-0159

Vulnerability from csaf_ncscnl

fkie_cve-2025-29970

Vulnerability from fkie_nvd

ghsa-8q24-v8v4-g622

Vulnerability from github

msrc_cve-2025-29970

Vulnerability from csaf_microsoft

Tags

Sightings

Nomenclature