CVE-2025-59287

⚠ KEVEPSS 72.7%

Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability

Added to CISA KEV: 10/24/2025

Description

Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution.

No package mapping in OSV.