14Oca
CVE-2025-21291 | Microsoft Windows up to Server 2022 23H2 Direct Show double free
A vulnerability classified as critical was found in Microsoft Windows up to Server 2022 23H2. This vulnerability affects unknown code of the component Direct Show. The manipulation leads to double free. This vulnerability was named CVE-2025-21291. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.