CVE Catalog

CVE-2026-45638

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

20th percentile - higher than 20% of all known CVEs

Summary

A heap-based buffer overflow in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Risk Assessment

An attacker with limited access to the system can gain higher privileges, potentially leading to full system compromise.

Recommendation

Apply the security update provided by Microsoft in the monthly cumulative patch as soon as possible.

Original NVD description (English source)

Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS