CVE Catalog

CVE-2026-42904

CriticalCVSS 9.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

28th percentile — higher than 28% of all known CVEs

Summary

A heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.

Risk Assessment

An attacker may gain elevated privileges, potentially leading to serious security breaches within the organization.

Recommendation

It is recommended to update Windows to the latest version to patch this vulnerability and to monitor network traffic for potential attacks.

Original NVD description (English source)

Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS