CVE-2025-21391 — Microsoft Windows Storage Link Following Vulnerability

Description

Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.

How to fix CVE-2025-21391

No package mapping is available — consult the references below for vendor-specific guidance.

Is CVE-2025-21391 being exploited?

Yes — CVE-2025-21391 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (0)

No package mapping in OSV.