Description
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
Published: 2026-05-12
Score: 7.8 High
EPSS: 4.7% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap‑based buffer overflow in the Windows kernel allows an authorized local attacker to elevate privileges. Classified as CWE‑822, the flaw enables execution of code with kernel‑level authority, providing elevated local access to the attacker.

Affected Systems

Windows 11 versions 24H2, 25H2, and 26H1, as well as Windows Server 2025, including Server Core installations, on both 64‑bit and arm64 architectures.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, while the EPSS score of 5% indicates a low probability of exploitation. The vulnerability is not listed in the CISA KEV catalogue, implying no widely known public exploits. The likely attack vector is local privilege escalation, requiring an authorized user to execute code locally. Once exploited, the attacker can obtain kernel‑level privileges, providing elevated local access to the affected system.

Generated by OpenCVE AI on June 23, 2026 at 22:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the official Windows security update that addresses this kernel heap overflow (see Microsoft update guide CVE-2026-40369).
  • Ensure all affected Windows 11 and Windows Server 2025 installations are updated to the latest security patch level.
  • Enforce least privilege for local accounts, restrict write permissions to kernel memory and system directories, and disable unnecessary services to limit the attack surface.

Generated by OpenCVE AI on June 23, 2026 at 22:47 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Wed, 20 May 2026 23:45:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 25h2
CPEs cpe:2.3:o:microsoft:windows_11_2H2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:x64:*
Vendors & Products Microsoft windows 11 2h2
Microsoft windows 11 25h2

Thu, 14 May 2026 18:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*

Wed, 13 May 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 13 May 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025 (server Core Installation)
Vendors & Products Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025 (server Core Installation)

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
Description Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.
Title Windows Kernel Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 26h1
Microsoft windows 11 2h2
Microsoft windows Server 2025
Weaknesses CWE-822
CPEs cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_2H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 11 24h2
Microsoft windows 11 26h1
Microsoft windows 11 2h2
Microsoft windows Server 2025
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2 Windows 11 26h1 Windows 11 26h1 Windows Server 2025 Windows Server 2025 (server Core Installation)
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-19T16:12:53.763Z

Reserved: 2026-04-11T23:06:15.615Z

Link: CVE-2026-40369

cve-icon Vulnrichment

Updated: 2026-05-13T09:58:51.287Z

cve-icon NVD

Status : Modified

Published: 2026-05-12T18:17:16.023

Modified: 2026-06-17T10:45:12.077

Link: CVE-2026-40369

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-23T23:00:08Z

Weaknesses
  • CWE-822

    Untrusted Pointer Dereference