Description
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
Published: 2026-05-12
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap-based buffer overflow in the Windows kernel enables an authorized local attacker to elevate privileges. Classified as CWE‑822, the flaw allows execution of code with higher authority, effectively compromising the integrity of the affected system. The attack requires the attacker to be authorized and able to run code locally, but does not require network access.

Affected Systems

Microsoft Windows 11 version 24H2, Windows 11 version 25H2, Windows 11 version 26H1, Windows Server 2025, and Windows Server 2025 (Server Core installation) are all affected. The vulnerability exists on the 64‑bit editions of these operating systems and can be triggered by any process with local execution rights.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, while the EPSS score of less than 1% indicates a very low probability of exploitation. The vulnerability is not listed in the CISA KEV catalogue, suggesting no widely known exploits are public. The likely attack vector is local privilege escalation, requiring an authorized user to run arbitrary code on the host. Once exploited, the attacker can obtain kernel‑level privileges, disabling security mechanisms and modifying system configurations.

Generated by OpenCVE AI on June 1, 2026 at 21:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Windows security update that addresses the Windows kernel pointer dereference flaw.
  • Configure Windows Update or WSUS to automatically deliver and install critical updates as soon as they are released.
  • If a patch is delayed, enforce least‑privilege for local users, restrict write access to system directories, and monitor for anomalous activities that could indicate local code execution attempts.

Generated by OpenCVE AI on June 1, 2026 at 21:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Wed, 20 May 2026 23:45:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 25h2
CPEs cpe:2.3:o:microsoft:windows_11_2H2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:x64:*
Vendors & Products Microsoft windows 11 2h2
Microsoft windows 11 25h2

Thu, 14 May 2026 18:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*

Wed, 13 May 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 13 May 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025 (server Core Installation)
Vendors & Products Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025 (server Core Installation)

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
Description Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
Title Windows Kernel Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 26h1
Microsoft windows 11 2h2
Microsoft windows Server 2025
Weaknesses CWE-822
CPEs cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_2H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 26h1
Microsoft windows 11 2h2
Microsoft windows Server 2025
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2 Windows 11 26h1 Windows 11 26h1 Windows Server 2025 Windows Server 2025 (server Core Installation)
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-02T23:17:12.707Z

Reserved: 2026-04-11T23:06:15.615Z

Link: CVE-2026-40369

cve-icon Vulnrichment

Updated: 2026-05-13T09:58:51.287Z

cve-icon NVD

Status : Modified

Published: 2026-05-12T18:17:16.023

Modified: 2026-06-01T19:16:35.187

Link: CVE-2026-40369

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-01T21:45:22Z

Weaknesses