CVE Catalog

CVE-2026-44808

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

18th percentile - higher than 18% of all known CVEs

Summary

A heap-based buffer overflow in the Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Risk Assessment

An attacker could gain elevated privileges on the system, leading to full compromise of the workstation or server.

Recommendation

Immediately install the security update released by Microsoft for the affected Windows version.

Original NVD description (English source)

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS