CVE-2026-34329 | BaseFortify

Thank you illustration

Thank you for your feedback!

Your input helps us improve and create a better experience for you. We appreciate your time!

CVE-2026-34329

Analyzed Analyzed - Analysis Complete

BaseFortify

Publication date: 2026-05-12

Last updated on: 2026-05-14

Assigner: Microsoft Corporation

Description

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-05-12

Last Modified

2026-05-14

Generated

2026-06-10

EPSS Evaluated

2026-06-08

NVD

Affected Vendors & Products

Vendor	Product	Version / Range
microsoft	windows_10_1607	to 10.0.14393.9140 (exc)
microsoft	windows_10_1809	to 10.0.17763.8755 (exc)
microsoft	windows_10_21h2	to 10.0.19044.7291 (exc)
microsoft	windows_10_22h2	to 10.0.19045.7291 (exc)
microsoft	windows_11_23h2	to 10.0.22631.7079 (exc)
microsoft	windows_11_24h2	to 10.0.26100.8390 (exc)
microsoft	windows_11_25h2	to 10.0.26200.8390 (exc)
microsoft	windows_11_26h1	to 10.0.28000.2113 (exc)
microsoft	windows_server_2012	*
microsoft	windows_server_2012	r2
microsoft	windows_server_2016	to 10.0.14393.9140 (exc)
microsoft	windows_server_2019	to 10.0.17763.8755 (exc)
microsoft	windows_server_2022	to 10.0.20348.5074 (exc)
microsoft	windows_server_2022_23h2	to 10.0.25398.2330 (exc)
microsoft	windows_server_2025	to 10.0.26100.32772 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-122	A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Attack-Flow Graph

AI Quick Actions have not been generated yet.

Hi! I’m here to help you understand CVE-2026-34329. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

EPSS Chart