Description
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Published: 2026-06-09
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An out-of-bounds read flaw in the Windows Hyper-V hypervisor enables an attacker who can supply input to the hypervisor to read beyond allocated memory. The weakness is classified as CWE-122 (Heap-based Buffer Overflow), a classic heap corruption weakness. If successfully exploited, the attacker could inject or manipulate data that subsequently executes within the Hyper-V kernel context, allowing arbitrary code to run with kernel-level privileges on the host system.

Affected Systems

This vulnerability affects Microsoft Windows 11 23H2, 24H2, 25H2 and 26H1, and Windows Server 2022 and Windows Server 2025, including the Server Core installation.

Risk and Exploitability

The CVSS score of 8.2 classifies this issue as high severity. The EPSS score is not available, so the likelihood of exploitation cannot be quantified. The vulnerability is not listed in the CISA KEV catalog. No remote exploitation path has been confirmed by the description, and the most probable scenario would require local access to the Hyper-V environment. The CVE description does not specify the exact attack vector, so it is inferred that the attacker would need to interact with the Hyper-V subsystem from a privileged or compromised local account.

Generated by OpenCVE AI on June 9, 2026 at 21:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the cumulative update that addresses CVE-2026-47652 as identified in Microsoft's update guide.
  • If a patch is not yet available, disable Hyper-V virtualization on the affected machines via the System Settings or Group Policy to prevent the vulnerable code from loading.
  • Implement continuous monitoring for anomalous Hyper-V activity or unexpected kernel writes that could indicate exploitation attempts.

Advisories

No advisories yet.

History

Wed, 10 Jun 2026 18:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*

Wed, 10 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025 (server Core Installation)
Vendors & Products Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2025 (server Core Installation)
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Title Windows Hyper-V Remote Code Execution Vulnerability
First Time appeared Microsoft
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2022
Microsoft windows Server 2025
Weaknesses CWE-122
CPEs cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2022
Microsoft windows Server 2025
References
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C'}


MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-26T19:41:15.599Z

Reserved: 2026-05-19T20:12:27.071Z

Link: CVE-2026-47652

Vulnrichment

Updated: 2026-06-10T10:24:19.799Z

NVD

Status: Analyzed

Published: 2026-06-09T17:17:36.623

Modified: 2026-06-10T17:53:26.770

Link: CVE-2026-47652

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-10T11:15:05Z

Weaknesses
  • CWE-122: Heap-based Buffer Overflow