CVE Catalog

CVE-2026-42905

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.08%

24th percentile - higher than 24% of all known CVEs

Summary

A use after free vulnerability in the Windows DWM Core Library allows an authorized attacker to locally elevate privileges.

Risk Assessment

An attacker with appropriate permissions could exploit this vulnerability to gain higher privileges on the system, potentially leading to serious security breaches.

Recommendation

It is recommended to update Windows to the latest version to mitigate this vulnerability and to monitor the system for unauthorized activities.

Original NVD description (English source)

Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS