Microsoft: >> Windows Server 2025 >> 10.0.26100.7171 Security Vulnerabilities
Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.
CVSS Score
7.8
EPSS Score
0.004
Published
2025-12-09
CVE-2025-60710
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
Known exploited
CVSS Score
7.8
EPSS Score
0.268
Published
2025-11-11
Page 31