Overview

• The most severe issue is CVE-2025-55232 in Microsoft High Performance Compute Pack (CVSS 9.8), a deserialization bug that could allow unauthenticated remote code execution and has wormable potential, researchers warn.
• CVE-2025-54918 in Windows NTLM is rated Exploitation More Likely and could let an authenticated attacker gain SYSTEM privileges over the network with low complexity.
• CVE-2025-54916 is a Windows NTFS stack-buffer overflow that can enable code execution across many supported Windows versions, with Microsoft assessing exploitation as more likely.
• Publicly disclosed CVE-2025-55234 in SMB permits relay attacks and elevation of privilege when protections like SMB signing and Extended Protection for Authentication are not enforced.
• Cisco Talos released Snort detections for several flaws (Snort2 65327–65334, Snort3 301310–301313), and researchers note that roughly half of this month’s fixes address elevation-of-privilege risks.