Software Detail

Software Informaton Top

Operating Systems

Software Detail

Windows Server

Number Of NVD

5145

CRITICAL

123

HIGH

3506

MEDIUM

1446

LOW

URL	https://www.microsoft.com/
Explanation	Server products offered by Microsoft. For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support). You may need to deploy the latest updates to be eligible for support. For some products, the support organization may be less than 10 years. For consumer and multimedia products, five years of mainstream support at the supported Service Pack level. The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag	商用ライセンス有り Microsoft

Add Information URL

No	Type	Name	URL
1			https://support.microsoft.com//lifecycle/search
2			https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3			https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4			https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
1	Windows Server 2022	21H2	Nov. 2, 2021	Nov. 2, 2021	Oct. 13, 2026		Oct. 14, 2031	55	1326	429	5
2	Windows Server 2019	1809	Oct. 2, 2018	Nov. 13, 2018	Jan. 9, 2024		Jan. 9, 2029	95	2505	893	11
3	Windows Server 2016	20H2	Oct. 20, 2020	Oct. 15, 2016	Jan. 11, 2022		Jan. 12, 2027	104	2591	1017	15
4	Windows Server 2012		Oct. 30, 2012	Oct. 30, 2012	Oct. 9, 2018		Oct. 10, 2023	95	2213	917	50
5	Windows Server 2008 R2（ Service Pack 1適用）			Feb. 22, 2011		Jan. 14, 2020		0	0	0	0
6	Windows Server 2008（Service Pack 2適用）			April 29, 2009		Jan. 14, 2020		0	0	0	0
7	Microsoft Windows Server 2003（Service Pack 2適用）			May 28, 2003	July 13, 2010		July 14, 2015	0	128	53	15
8	Microsoft Windows Storage Server 2003			May 5, 2003	Oct. 11, 2011		Oct. 9, 2016	0	128	53	15
9	Microsoft Windows 2000（Service Pack 4適用）			March 31, 2000	June 30, 2005		July 13, 2010	2	40	19	0

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	less than	Update date Published date	Show Affected	Exploit PoC Search
1	7.0 -	HIGH Local	Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-42825	cpe:2.3:o:microsoft:windows_server_2019:: cpe:2.3:o:microsoft:windows_server_2016:: cpe:2.3:o:microsoft:windo…	10.0.17763.8755 10.0.14393.9140	2026-05-14 23:26 2026-05-13	Show	GitHub Exploit DB Packet Storm

2	6.7 -	MEDIUM Local	Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.	CWE-1329 Reliance on Component That is Not Updateable	CVE-2026-41097	cpe:2.3:o:microsoft:windows_server_2019::	10.0.17763.8755	2026-05-16 00:36 2026-05-13	Show	GitHub Exploit DB Packet Storm

3	7.8 -	HIGH Local	Use after free in Data Deduplication allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-41095	cpe:2.3:o:microsoft:windows_server_2019:: cpe:2.3:o:microsoft:windows_server_2016:: cpe:2.3:o:microsoft:windo…	10.0.17763.8755 10.0.14393.9140	2026-05-16 00:40 2026-05-13	Show	GitHub Exploit DB Packet Storm

4	9.8 -	CRITICAL Network	Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.	CWE-121 Stack-based Buffer Overflow	CVE-2026-41089	cpe:2.3:o:microsoft:windows_server_2019:: cpe:2.3:o:microsoft:windows_server_2016:: cpe:2.3:o:microsoft:windo…	10.0.17763.8755 10.0.14393.9140	2026-05-16 00:42 2026-05-13	Show	GitHub Exploit DB Packet Storm

5	8.1 -	HIGH Network	Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.	CWE-416 Use After Free	CVE-2026-40415	cpe:2.3:o:microsoft:windows_server_2019::	10.0.17763.8755	2026-05-16 00:06 2026-05-13	Show	GitHub Exploit DB Packet Storm

6	7.4 -	HIGH Adjacent	Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.	CWE-476 NULL Pointer Dereference	CVE-2026-40414	cpe:2.3:o:microsoft:windows_server_2019:: cpe:2.3:o:microsoft:windows_server_2016:: cpe:2.3:o:microsoft:windo…	10.0.17763.8755 10.0.14393.9140	2026-05-16 00:07 2026-05-13	Show	GitHub Exploit DB Packet Storm

7	7.4 -	HIGH Adjacent	Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network.	CWE-476 NULL Pointer Dereference	CVE-2026-40413	cpe:2.3:o:microsoft:windows_server_2019:: cpe:2.3:o:microsoft:windows_server_2016:: cpe:2.3:o:microsoft:windo…	10.0.17763.8755 10.0.14393.9140	2026-05-16 00:08 2026-05-13	Show	GitHub Exploit DB Packet Storm

8	7.0 -	HIGH Local	Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-40410	cpe:2.3:o:microsoft:windows_server_2019:: cpe:2.3:o:microsoft:windows_server_2016:: cpe:2.3:o:microsoft:windo…	10.0.17763.8755 10.0.14393.9140	2026-05-16 00:10 2026-05-13	Show	GitHub Exploit DB Packet Storm

9	7.8 -	HIGH Local	Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-40408	cpe:2.3:o:microsoft:windows_server_2019:: cpe:2.3:o:microsoft:windows_server_2016:: cpe:2.3:o:microsoft:windo…	10.0.17763.8755 10.0.14393.9140	2026-05-16 00:11 2026-05-13	Show	GitHub Exploit DB Packet Storm

10	7.8 -	HIGH Local	Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.	CWE-122 Heap-based Buffer Overflow	CVE-2026-40407	cpe:2.3:o:microsoft:windows_server_2019:: cpe:2.3:o:microsoft:windows_server_2016:: cpe:2.3:o:microsoft:windo…	10.0.17763.8755 10.0.14393.9140	2026-05-16 00:19 2026-05-13	Show	GitHub Exploit DB Packet Storm